In this review we are not so concerned with remote access as such, but more with the security and ease of use for the teleworker; a growing breed of employee. But this still means a high level of control and security.
CRYPTOAdmin is authentication software, enabling user tokens to access the LAN. The CRYPTOAdmin authentication server is the backbone of the solution, the management side. The CRYPTOCard tokens and smartcards provide strong security for the teleworker to access the main network from a remote location without the risk of weakening an enterprise's security.
The software sits on the corporate side and we are not so concerned with this, although it is important to know what it does. It basically acts as an administrative tool for access and authentication rights. These rights can be specific to the groups or individuals that they control. Teleworkers do not need to see or worry about this aspect. All they need to know is how to initiate a session using the CRYPTOCard token or smartcard that they have been issued with and, of course, their PIN.
Installation is all at the network level and undertaken by the administrator. It is a simple process, and now that the documentation is supplied in paper format a much easier and faster one. If you read our recent Remote Access Group Test (February 2003) you may remember that the only available documentation was in PDF format from the vendor's web site, so this is a vast and welcome improvement.
Installation is by way of an wizard, making this aspect very simple, although the teleworker would not be involved with this. Once tested and initiated the user should be given the choice of authentication tokens or smartcards - as it is they who must use them, by allowing users to specify their preferences, the process of authentication with be a far more pleasurable experience. CRYPTOCard offer a smartcard and reader, PC card reader and authentication tokens.
This method of authentication should work well for your teleworker requiring network access, and with a firewall in place and adequate anti-virus protection they should have a solid security infrastructure in place, protecting both their interests and that of the company.