Commerce Media Celo 2.0
February 01, 2009
£7,500 (standard edition for up to 2,000 users)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: No hardware purchase for tokens; it utilises something users already have
- Weaknesses: Time needed to get running, support, initial cost is high but cost per user is reasonable at 2,000-user level
- Verdict: Takes time to set up/configure but easy to use and manage after that
Celo from Commerce Media is a token-less, two-factor authentication product that can be deployed either as an in-house or hosted solution and supports both SOAP and Radius protocols to use something you already have, instead of requiring a user to carry additional hardware. The focus of the Celo solution is to transform a mobile phone or other device into a token to receive a one-time password (OTP).
The solution is delivered as software. We loaded the following Celo modules on our test server: SOAP interface, admin web interface, Radius service and database. These modules sat on top of Microsoft IIS and .Net Framework, which we loaded first. We also had to load an SQL server to support the database deployment.
Once deployed, the management interface was simple and easy to use. Some of the configurations to the server still required command line skills and were not totally integrated into the management user interface. The application did come with Radius support but we did not see any integration with LDAP or AD for adding users to the system. Even without the integration, we were impressed with how easily we could create and manage a user using the web-based tools in the management interface of Celo 2.0.
Logging and reporting were available and were adequate for most basic management needs.
A nice benefit to both the end user and the support staff is that password reset is achieved by the user repeating the request for a one-time password, eliminating the need to contact a help desk. Users can choose between multiple transport methods for passwords, including SMS text message and email.
Documentation was installed with the application. We would have liked access to the user and admin guides prior to loading the software but were unable to find them on the website. Basic support is provided for 60 days via the web and upgraded options are available after that.
Once initial setup is complete, ongoing administration is minimal, so the cost of operating this solution is very attractive. It requires time to set up and initially configure, but after that is easy to use and manage.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry