Quest Software Defender 5.3
February 01, 2009
£55.90 per enabled user licence, with additional hw/sw token cost
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Functionality, ease of use, integration options, strong two-factor authentication
- Weaknesses: Can get quite costly in an enterprise deployment
- Verdict: Provides plenty of features for a fair price
Quest Defender 5.3 provides strong two-factor authentication through a variety of token options. It is an all-inclusive offering delivering both client-side and server-based functionality and management.
The initial implementation took some time but the end result was a surprisingly easy-to-use interface. Defender 5.3 interfaces with Microsoft Active Directory, extending the Schema and utilising AD tools and techniques. The Defender security server and management GUI were both easy to navigate and understand, even without the documentation, which was detailed and complete.
The solution provides many enterprise features, such as: load balancing and redundancy for multiple points of authentication; numerous token support options; extensive reporting and auditing; LDAP, AD and Radius integration; synchronous and asynchronous authentication scenarios; and self-provisioning.
We tested the Defender desktop login that provided two-factor authentication to the desktop. We also tested the optional Defender reporting feature and were impressed with its capabilities. Additional options that we did not test include: Defender WebMail, web-based access to email; Defender Self Registration, that allows users to self register their tokens; and Defender EAP Agent, support for two-factor authentication for VPN and RRAS Server.
We tested with Quest Digipass Go-3 hardware one-time tokens. Defender has support for OATH-compliant tokens, as well as a wide array of soft and hard tokens from Digipass and Defender. It also has tokens for mobile devices running Palm, Windows Mobile or BlackBerry. The software tokens can be installed on the device or on a removable media device, to provide added security. One-time passwords can be sent to mobile devices using SMS, turning a mobile phone or PDA into a hardware token.
The documentation was great; we used it for the installation but did not really require it for the remaining effort. Support options include standard 8/5, with options to upgrade to 24/7.
This is a really nice enterprise solution that is easy on the user and system administrator.
SC Webcasts UK
Sign up to our newsletters
DV Cleared Systems Architect - 6 Months - London
Computerfutures - London (North), London (Greater)
CISO – Chief Information Security Officer (Up to £100K)
Evolution Recruitment - London (North), London (Greater)
Head of Security Strategy – London
Evolution Recruitment - London (West), London (Greater)
Information Security Manager
Infosec People - Hammersmith, West London
Associate Professor in Cyber Security and Networking
Edinburgh Napier University - Edinburgh, City of Edinburgh
SC Magazine UK Articles
- Russia's Central Bank introduces new mandatory cyber-security regulations
- Singapore to shut off internet access for government agencies
- What exactly will this new bill of rights mean for privacy laws within the UK?
- Epic hack, thousands of salted logins stolen
- 6 in 10 universities hit by ransomware, 2/3 hit multiple times
- SC Awards Europe 2016 winners announcements!
- Microsoft ends common password use and password lockout
- ISIS radicalises 'lone wolves' through strong social media presence
- 1.5 billion Windows computers potentially affected by unpatched 0-day exploit
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: Russian banks, Singapore, ransomware on campus, gaming hacks and more Snowden
- Advocacy groups urge FCC in the US to address connected car technology threat
- Lost devices leading cause of data breaches, report
- WhatsApp to share customer data with Facebook
- Hackers exploit vBulletin flaw to access 27M accounts on 11 websites