Quest Software Defender 5.3
February 01, 2009
£55.90 per enabled user licence, with additional hw/sw token cost
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Functionality, ease of use, integration options, strong two-factor authentication
- Weaknesses: Can get quite costly in an enterprise deployment
- Verdict: Provides plenty of features for a fair price
Quest Defender 5.3 provides strong two-factor authentication through a variety of token options. It is an all-inclusive offering delivering both client-side and server-based functionality and management.
The initial implementation took some time but the end result was a surprisingly easy-to-use interface. Defender 5.3 interfaces with Microsoft Active Directory, extending the Schema and utilising AD tools and techniques. The Defender security server and management GUI were both easy to navigate and understand, even without the documentation, which was detailed and complete.
The solution provides many enterprise features, such as: load balancing and redundancy for multiple points of authentication; numerous token support options; extensive reporting and auditing; LDAP, AD and Radius integration; synchronous and asynchronous authentication scenarios; and self-provisioning.
We tested the Defender desktop login that provided two-factor authentication to the desktop. We also tested the optional Defender reporting feature and were impressed with its capabilities. Additional options that we did not test include: Defender WebMail, web-based access to email; Defender Self Registration, that allows users to self register their tokens; and Defender EAP Agent, support for two-factor authentication for VPN and RRAS Server.
We tested with Quest Digipass Go-3 hardware one-time tokens. Defender has support for OATH-compliant tokens, as well as a wide array of soft and hard tokens from Digipass and Defender. It also has tokens for mobile devices running Palm, Windows Mobile or BlackBerry. The software tokens can be installed on the device or on a removable media device, to provide added security. One-time passwords can be sent to mobile devices using SMS, turning a mobile phone or PDA into a hardware token.
The documentation was great; we used it for the installation but did not really require it for the remaining effort. Support options include standard 8/5, with options to upgrade to 24/7.
This is a really nice enterprise solution that is easy on the user and system administrator.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Microsoft update left Azure Linux virtual machines open to hacking
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry