SafeNet Authentication Service
Strengths: Full cloud-based option with no need for separate hardware.
Verdict: If the cloud is your cup of tea for authentication, give this one a close look.
The SafeNet Authentication Service offers an entirely cloud-based multifactor authentication platform for the enterprise. This offering can tie in directly with the already existing lightweight directory access protocol (LDAP) or Active Directory infrastructure, and provide both hardware and soft token authentication options. This product also includes many automation and user self service options, such as user enrollment and account reconciliation.
We found this product quite easy and straightforward to set up and manage. Since the majority of the tool itself is hosted from SafeNet's cloud, there is really no server-side setup to be done. In order to get the product up and running, we simply had to install the appropriate agents throughout our test environment and point them at the SafeNet Authentication Service cloud. SafeNet offers a multitude of agents, including Active Directory Sync Agents, Outlook Web Access and SharePoint on the Microsoft side, along with Cisco, Citrix and Juniper for VPNs and remote access. Agents are also available for Windows Logon for Windows 2008, Vista and Windows 7. On the management side, administrators can easily configure and manage the Authentication Service by logging into a web-based management interface - known as BlackShield Cloud Manager. We found this interface to be easy to use and intuitive to navigate.
Aside from integration with internal authentication services, this offering also integrates with many cloud-based applications, including Google Apps and Salesforce. Beyond the flexible integration options, this solution also includes many built-in authentication options. For example, users can self enroll using soft tokens sent directly to their mobile device. SafeNet supports all major device platforms, including iOS, Android, Windows Mobile and BlackBerry. After enrollment, users also can employ these same devices as their authentication token. Aside from mobile device tokens, this tool also supports authentication using SMS, email or grid cards. Furthermore, SafeNet also can integrate with existing tokens to provide seamless deployment for users who may already have tokens in use.
Documentation included several PDF manuals. These included an administrator and several configuration guides. We found all documentation to be easy to follow with many screen shots and configuration examples. Also available were several integration guides, which provide an excellent amount of detail on how to configure the various agents for integration into the environment.
SafeNet provides no-cost implementation support to all customers who purchase the product. This includes assistance with initial installation, configuration and interoperability with third-party products. Aside from the installation support, customers also can purchase either eight-hours-a-day/five-days-a-week or 24/7 support plans, and the cost can be rolled into a monthly subscription cost or annual contract.
The overall cost varies by type of deployment, but the full cloud-based service starts at $4 per user per month. We find this to be an average value for the money overall. While the SafeNet Authentication Service does provide a full, cloud-based way to integrate multifactor authentication into the enterprise, it can become quite pricey on an ongoing basis for larger deployments.