One of the perceived issues in adopting single sign-on is the relative complexity of setting everything up, especially in larger organizations with a complex technical infrastructure to maintain.
The Imprivata OneSign is a hardware-based single sign-on solution. It uses intelligent automation via its Application Profile Generator to create XML-based profiles for applications and store these in the hardware appliance, ready to be downloaded by client-side software when users authenticate themselves at a workstation.
The appliance is an attractive and robust 1U rack-mounted box with a small LCD screen and a few buttons to scroll through choices and change settings.
The idea is to deploy two units in a hot standby configuration, connected to each other (for synchronization) and to the network. If the primary device fails, the standby unit automatically takes over and the administrator is notified.
This is not a luxury, but an key part of a single sign-on implementation to prevent absolute failure of the single sign-on functionality, so full marks to Imprivata for taking this approach.
The OneSign box is a little noisy, but not intrusively so compared to similar hardware. It booted up smoothly, with LED indicators showing HDD and LAN activity. Having set up the IP and gateway addresses via the built-in two-line display, communication was established, with detailed configuration undertaken via a web browser.
The web-based administrator interface is logical, clear and very attractively presented. It also has printed manuals, and these are concise and clear.
Imprivata One Sign integrates with existing directories and can support roaming users. In an emergency, the administrator may lock an individual user out of all applications with a single click.
Alternative primary authentication methods are also supported, including Secure ID tokens and fingerprint biometrics.
It is a serious and professionally presented product for those who need to provide enterprise level single sign-on functionality.