StrikeForce’s ProtectID provides an open-architecture platform for strong user authentication. The product allows multiple authentication methods such as biometrics and mobile-phone authentication for remote users to be mixed and matched for customers needing multi-layered security access. No middleware is needed, thanks to its ability to link directly to a domain controller.
ProtectID uses a distributed architecture with a central controller and remote agents. The latter communicate with the controller via an encrypted protocol. The solution makes securing a new system simple, you just have to install a new agent on the server. It uses a central identity agent consisting of a desktop interface that supports password or biometric authentication by a ProtectID secure channel. Other features include secure website logon, VPN access and terminal authentication.
We had no problems deploying StrikeForce’s offering. Administration is via the ProtectID manager web GUI, which makes constructing user accounts and privileges simple. ProtectID creates its own website in IIS and has out-of-band authentication to web applications via mobile phone for heightened security.
This product worked flawlessly under test and was flexible during the deployment phase. It quickly integrated into the Active Directory structure and uses SQL or MSDE as its operational data store. The ProtectID server can be configured to synchronise with the domain controller every 60 minutes or can be adjusted manually on demand.
StrikeForce’s documentation is good and simple to follow. The manuals are easy to navigate, with a hyperlinked table of contents for quick information retrieval.
Support offerings are available for normal business and extended hours as well as around the clock. However, there are no self-support features on the website. We feel that a knowledge base and technical FAQ would be helpful for users.
The product has a base price of £12.20 per user, which is a one-time fee. This is at the low end of the pricing spectrum.