September 01, 2006
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Great range of authentication devices
- Weaknesses: Can be complex to integrate
- Verdict: Can be difficult to integrate with your web applications but it has got an excellent range of authentication devices and good support
Gemalto, formed through the merger of Axalto and Gemplus, sent us Protiva, which is designed to add two-factor authentication to network identities. Protiva does this via smart cards, providing secure access to resources such as web portals.
And Gemalto can supply one of the largest range of smart cards that we've seen. First, there are standard smart card readers and traditional tokens that generate single-use keys. On top of that, the company also has SIM cards that can be placed into any SIM-unlocked phone.
Probably most useful, though, are the USB devices. With the Protiva plug-in, single-use keys can be generated and automatically entered into a website by clicking the button in your browser's toolbar. With so many devices available it should be easy to find the ideal authentication type for your users and partners.
The system is controlled by the Protiva Server, which can be installed on Windows 2003 or RedHat Linux, and it needs a Java-compatible web application server, such as Apache's TomCat. The server can use MySQL or Active Directory as the data store, and works with OATH or EMV cryptographic standards. Radius servers including Microsoft's IAS and Funk Software's Steel Belted Radius are also supported.
The system is managed through the customer care web portal, which gives you access to all the standard management applications. You also add and administer your authentication devices from here. Once they've been added, you can give them to a user, who registers their account with the server. Only then can you modify that user's permissions. It is a shame that you can't create user accounts directly through the portal. However, there is a batch processor, which lets you import multiple devices and users.
The system comes with a set of defaults, but you can quickly define your own user roles and authentication policies, which can be assigned on a per-user or per-group basis.
Gemalto provides its demo portals with the software, which are useful to get an idea of how the system works. To build your own corporate sites, you'll need developers to work with the authentication server and the supplied integration manual.
Provita's main strength comes from its wide device support and automatic key entry via USB. It's easier to install and configure than Thales's Authentication Server, but feels a little more rigid.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry