DSSS Authentication Server
September 01, 2006
Data Security Systems SolutionsProduct:
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: The widest range of authentication methods on test
- Weaknesses: Can be complex to integrate; LDAP support is an add-on
- Verdict: An all-encompassing product for financial institutions
DSSS's Authentication Server runs on Sun's server hardware and is primarily designed to protect banking applications from threats such as phishing.
While appliances are generally easier to set up and configure than software, the DSSS Authentication Server is still quite a tricky beast to deal with. For example, LDAP authentication isn't built in by default, and you have to download and compile an add-on if you want to use your existing directory of users. It does have Radius support, though, so you can add two-factor authentication to remote access such as VPNs quite easily.
The server is platform-agnostic and there are no dedicated agents for common web servers, such as IIS or Apache. Instead, authentication is handled through Java applets, so you'll need the necessary development staff to generate the code to introduce two-factor authentication to your web services. DSSS has a demonstration website that runs under TomCat, which is useful from a coding perspective to get an idea of how the system fits together.
It won't integrate with your existing Windows domain, however, so this product isn't a good choice if you want to protect workstation access.
The server is managed through a web front-end, which lets you define multiple domains, each with its own security policy and list of users. One server, therefore, can be used to protect multiple resources.
For financial environments, DSSS Authentication Server is a good choice as it provides one of the widest range of tokens we've seen. As well as the standard keyring tokens, it has support for USB tokens, smart cards, pre-printed scratch cards that can be used up to 20 times and, if you install the GPRS modem component, single-use passwords via SMS.
This excellent range lets you deal with long- and short-term clients, spending accordingly on the authentication method.
As with Thales's Authentication Server and Gemalto's Protiva, integration with your existing infrastructure requires quite a bit of work with the help from developers. The DSSS Server's excellent authentication support makes it very flexible, though, and it will appeal to financial institutions. However, its single-focus approach means that it's not ideal if you want enterprise-wide protection.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Microsoft update left Azure Linux virtual machines open to hacking
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry