Content

DS3 Authentication Server

DS3's Authentication Server runs on Sun's server hardware and is primarily designed to protect banking applications from threats such as phishing.

While appliances are generally easier to set up and configure than software, the DS3 Authentication Server is still quite a tricky beast to deal with. For example, LDAP authentication isn't built in by default, and you have to download and compile an add-on if you want to use your existing directory of users.

It does have Radius support, though, so you can add two-factor authentication to remote access such as VPNs quite easily.

The server is platform-agnostic and there are no dedicated agents for common web servers, such as IIS or Apache. Instead, authentication is handled through Java applets, so you'll need the necessary development staff to generate the code to introduce two-factor authentication to your web services. DS3 has a demonstration website that runs under TomCat, which is useful from a coding perspective to get an idea of how the system fits together.

It won't integrate with your existing Windows domain, however, so this product isn't a good choice if you want to protect workstation access.

The server is managed through a web front-end, which lets you define multiple domains, each with its own security policy and list of users.

One server, therefore, can be used to protect multiple resources.

For financial environments, DS3 Authentication Server is a good choice as it provides one of the widest range of tokens we've seen. As well as the standard keyring tokens, it has support for USB tokens, smart cards, pre-printed scratch cards that can be used up to 20 times and, if you install the GPRS modem component, single-use passwords via SMS.

This excellent range lets you deal with long- and short-term clients, spending accordingly on the authentication method.

As with Thales's Authentication Server and Gemalto's Protiva, integration with your existing infrastructure requires quite a bit of work with the help from developers. The DS3 Server's excellent authentication support makes it very flexible, though, and it will appeal to financial institutions. However, its single-focus approach means that it's not ideal if you want enterprise-wide protection.

Product title
DS3 Authentication Server
Product info
Name: DS3 Authentication Server Description: Price: $50,000 per appliance
Strength
The widest range of authentication methods on test.
Weakness
Can be complex to integrate; LDAP support is an add-on.
Verdict
An all-encompassing product for financial institutions.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.