Entrust IdentityGuard 9.1
Strengths: Very strong offering, attractive price point, numerous options for user side
Weaknesses: Reporting and limited Windows logon options not up to expectation
Verdict: Nicely integrated platform, all you would need for any deployment. We rate this product Recommended
Entrust IdentityGuard 9.1 provides an enterprise platform enabling strong authentication for the Windows desktop, remote-access deployments, VPN and web-based apps. It is a versatile authentication platform enabling security across diverse users, transactions and applications.
Our evaluation was provided for us on a virtual platform, so we did not walk through the entire server-side installation. However, a review of the documentation convinces us it would be comparable to other solutions.
The management interface did not initially appear to be intuitive but we found that it was fairly easy to use and you did get used to it. It offered a single point of administration and logging, regardless of configuration.
IdentityGuard high-availability features support multiple repositories and failover. User audit details could be found in the web interface but we were unable to see a good reporting function for bringing those details to a usable, consolidated format.
This platform supported most hard and soft tokens, with a range of authentication capabilities to balance security, user experience and cost. Other authenticators supported include direct user interaction (OTP tokens, grids, knowledge-based and personal verification numbers) and transparent methods (device authentication, IP-geolocation), mutual authentication methods and machine authentication. Step-up authentication was supported, allowing the administrator to require one or more options to be presented to authenticate, based upon the sensitivity of the data. But only grid authentication is supported for Windows logon.
The Self Service Server lets the end user manage their registration and account admin, reducing the support burden on the IT staff.
There are several fee-based support options available, including phone- and web-based for both 8/5 and 24/7. The documentation was complete and accurate and walked us through everything we wanted to do.
The IdentityGuard offering was very impressive and a strong competitor for any enterprise strong-authentication and password-management project, earning it Recommended status.