The CAT AS is usually located on the internal enterprise network and is accessible to its authentication clients only. The authentication clients could be any device or software that require strong authentication and can communicate with the CAT AS using Radius or the CAT AS API. The CAT API Web Service is a set of methods that allow the CAT AS to perform tasks through the internet/intranet. It also allows requests to come from the internet to the CAT AS.
With the CAT AS admins can manage the users accessing the server, manage the authentication services, and produce system reports.
The CAT system uses one-time password technology and the cellular phone as the token. The authentication server and management system are very easy to use and make managing the services and identities a snap. The one-time password for each identity is generated on the basis of a combination seed (secret data) and a random string. The administrator can change the OTP sequence by requesting to change the random string.
AD synchronization is included and the software supports Radius-enabled devices/software, such as Citrix, Check Point, Cisco and MS ISA. Admins can use existing Radius solutions or the free Radius server provided with the software. The CAT also has an open API that makes it easy to integrate with products and web pages.
This is a nice solution for providing access to secured websites. Reporting is ok and the documentation was sufficient.