The SafeNet Authentication Service is one of those products that has been around a long time and its maturity shows. We have been watching the company for a long time. The authentication service is a good example of that experience and maturity. It is easy to set up, designed for large deployments and easy to use. SafeNet Authentication Service is a SaaS offering, but it can be set up on-premises if desired. However, it typically is deployed as a cloud service.
The SafeNet Authentication Service is built around a significant collection of automation workflows that allow admins to manage thousands of users, even with limited administrator overhead. The company prides itself on its over 200 integrations leading it to claim - rightly so, we believe - that if it takes a username and password on a login screen they can add strong authentication to it.
We looked at the SaaS version and the first thing that we noticed was the clean approach to menus. Since the first task is on-boarding new users we got a chance to see first-hand how the low support overhead works out. The workflows make a lot of difference and they are nicely integrated into the menu system. Because it is not uncommon for a user to access different levels of security - system administrators, for example - Authentication Service allows users to have multiple tokens.
Once the new user has started into the self-enrollment process, he or she creates a new token using MobilePASS. This allows him or her to create a token, give it a PIN and receive a first-time passcode. The first person to do this, obviously, must be the administrator or operator. Once the operator for the particular account is signed in for the first time, their next task is to add users. They can be added manually, automatically using a synch agent with, for example, Active Directory, or bulk loaded. If you bulk load you'll need to map fields so that whatever you are loading from matches the schema of the tool.
Once your users are loaded into the system they need tokens and that can be done automatically. You can set policies right from the dashboard and once the users are in the system and your policies are set your token goes out to the users by email. Additionally, there is a self-service portal that users can access to update their profiles, request tokens and other tasks. This lightens the load on the help-desk materially.
As part of its integrations, the product offers SAML and RADIUS out of the box. This eases the integration with other products where you want to add strong authentication. The system was easy to use and set up, complete and well thought-out. Reporting is excellent and when we asked about creating custom reports the answer was that with the 46 provided there is no need to. But if you want to alter reports you can on a one-time basis and you can only remove items. We found that a bit strange.