Strengths: Entrust IdentityGuard is an efficient tool to use when wanting to manage authentication devices and identities.
Weaknesses: Smart card readers and biometric scanners are not provided and so can increase the overall cost of making a transition from single-factor to multifactor authentication.
Verdict: This tool offers a load of features, particularly if one needs a multifactor authentication system that can be managed on the fly.
Entrust IdentityGuard is a multifactor authentication tool that allows users to employ soft tokens, physical hardware tokens, fingerprint recognition, grid cards, eGrid, PIN protection and personal verification number. These forms of authentication are used to protect user logons, website information and personal information. Entrust IdentityGuard is meant to be used remotely as well as locally. The ability to reset a smart card or change the data of the smart card remotely is a feature that provides ease of use when creating and configuring smart cards, users and soft token devices. The initial configuration involves putting all the required devices on the same network. These include the server that the authentication software is on, a mobile device with the Entrust software on it, and the computer that one is using to put the credentials on the smart card.
Entrust IdentitiyGuard features the ability to use multifactor authentication to protect computers and information. What sets it apart from other multifactor authentication tools is its ability to create, modify and place credentials on a smart card from anywhere one can receive access to the network the server is on. The addition of fingerprint recognition adds another layer of security and is set up and integrated with Entrust IdentityGuard's Self-Service Portal. The offering includes centralized logging and reporting to notify of issues that arise in logging in and activating a smart card or other token.
Entrust IdentityGuard is a web-based application with its backend database to store personnel information and applications for mobile devices to access the server. It does all this while taking up little space. Also, it needs little processing power and RAM to meet its requirements. The administration panel determines the amount of failed attempts at each portion of the logon and if the attempts exceed the logon then the account is locked out and only administrators can unlock the account. The product held up to multiple failed logon attempts while also keeping those exceeding the limit from logging on without the account being previously unlocked. The security of the biometrics is also dependent on the scanner that the user chooses to employ with the software.
Out of the box, Entrust IdentityGuard includes the software and licenses. Each license is $8 per user until 25,000 users. After that amount, the price drops to $3.75/per. There are three different levels of support. The Platinum plan costs 22 percent of the total software purchased and provides 24/7 access to technical assistance. The Gold option is 20 percent of the total software purchased with 24/5 access and Silver is 18 percent with eight-hours-a-day/five-days-a-week aid. The plans are annual.
Given that the price of the product is based off of the application and not the devices that are used with the application, the value is worth the money. It provides a simple, affordable series of applications that are used to create smart cards, soft tokens and to enroll biometrics to provide better security within organizations. The software offers a service that many government organizations, including the military, use and provides a means to enable centralized maintenance of all smart cards, tokens and other authentication devices.
Stephen Resto contributed to this review.