Two-factor authentication with ECOS AUTHENTICATION CONTROL APPLIANCE
The ECOS AUTHENTICATION CONTROL APPLIANCE (ACA) is a RADIUS server and operable on a virtual machine to provide a strong two-factor-authentication through SMS authentication or OTP token (one-time password).
ECOS ACA supports SafeNet® OTP token eToken PASS (OTP only) as well as eToken NG-OTP (OTP token and USB smart card in one). A connection to Telecom and Fax.de services for SMS authentication is provided.
Areas of application
ECOS AUTHENTICATION CONTROL APPLIANCE (ACA) is suitable for various user authentication tasks such as secure login for remote staff at VPN gateways such as SonicWall®, Juniper®, Cisco®, WatchGuard®, Citrix® Access Gateway etc., or for secure access to web applications such as web portals, Microsoft® Outlook Web Access (OWA), Citrix® WebInterface and more.
Mode of operation
ECOS AUTHENTICATION CONTROL APPLIANCE communicates with other devices or applications by RADIUS protocol. During the roll-out of the tokens, eToken PASS personalization, respectively eToken NG-OTP personalization is directly made over the OTP appliance, so no further software is required.
ECOS AUTHENTICATION CONTROL APPLIANCE key data
- Authentication server for OTP via SMS as well as SafeNet® eToken PASS and eToken NG-OTP (OTP part only)
- Full RADIUS server integrated
- Directory synchronization of users under Microsoft® ADS, Novell® eDirectory, CA® eTrust, Siemens® DirX, SUN® Directory, LDAP and other directories
- Optional: inclusion of external authentication server
- Extensive token lifecycle management
- Convenient configuration by web interface
- SMS dispatch by internet services, or SMS gateway via RPC or e-mail, triggered by RADIUS request through user name and password
- Backing Telekom and Fax.de SMS services
- Automatic up-to-date service to ensure topicality and security of the ECOS AUTHENTICATION APPLIANCE
- If required, multiple ACA (slaves) can be centrally administrated by a master appliance
Technical data and functions
- Against external LDAP server
- Against internal or external RADIUS server
- Mixed operation with SMS, eToken and static passwords
- With SMS, eToken PASS or NG-OTP
- Via HA module (art. no. HA100) or through the virtual server's redundant structure
- VMware ESX-Server
- VMware Server (free version)
- VMware Workstation
- VMware Player (free version)
- Citrix XEN Server
- Microsoft Hyper-V
- Oracle VirtualBox
- Linux KVM