Strengths: Clean deployment and superior options for integration into the organisation's digital fabric.
Weaknesses: None that we found.
Verdict: If you are looking for a front-end authentication portal that works well in a distributed environment, this one demands your consideration.
PortalGuard is a dedicated web-based portal that provides all strong authentication for the assets it supports. As has become popular, PortalGuard allows full branding and integrates cleanly and smoothly into the organisation's digital fabric. Technically, it may be deployed as an on-premises, cloud or hybrid implementation. It uses a REST API and can integrate into a variety of architectures that support such things as load balancing and fail-over, as well as allowing a distributed - multi-portal - deployment for large geographically distributed enterprises.
The portal supports most types of tokens - both software and hardware - and there is a free app for use with smartphones. It supports both SAML and non-SAML applications and just about every multifactor authentication scheme you can think of. RADIUS is built in. In short, PortalGuard is a very complete, well-conceived and executed package.
We started by examining the components of a PortalGuard implementation. In addition to the expected portal and strong authentication characteristics, there is a self-service component that allows users to perform such tasks as self-provisioning and password resets without recourse to the help desk. The administrative features are clean and comprehensive and the configuration was straightforward.
The configuration editor really is a policy editor and it is easy to use and very complete. Navigation is intuitive and we had no trouble following the setup approach necessary to deploy the portal and make it accessible to users. In terms of available one-time password tokens we did not note any important ones missing. In addition, there is a proprietary "PassiveKey" approach that uses the computer itself as the token.
User self-service includes account unlock, password reset and recovery. Retrieving forgotten usernames and self-registration. This trend has become popular enough to be a must-have, and PortalGuard implements it nicely saving a lot of help desk overhead.
Everything in PortalGuard is configurable so your implementation can be quite different from others. In fact, because you can tie several PortalGuard installs together, organisations that wish to brand deployments departmentally or throughout subsidiaries can do so even though the distributed portals are, actually, interconnected.
The RADIUS interface supports VPN authentication, Citrix authentication and virtual desktop infrastructure deployment. Event data can be stored using SQL Server 2005 or later and user directories can be Active Directory (single or multiple forests), LDAP, SQL or the IBM iSeries. Account management and reporting are comprehensive and intuitive to use. Both Windows and Mac clients are supported as are Android and iOS (with an additional free app).
The PortalGuard pricing model is simple. It is server-based so the number of actual users doesn't impact price. We found the price very reasonable and, of course, being a server-based approach, it is predictable. Eight-hours-a-day/five-days-a-week. Silver level support is included and 24/7 or 12/5 support packages (Platinum and Gold) are available at an extra cost. The website is rich with information, including such things as FAQs, white papers and documentation in the form of guide books.
We found the documentation to be complete and well-presented and, perhaps more important, there was a lot of collateral that was useful in assessing the approach that needed to be taken for various types of deployments, including addressing aspects of compliance. Overall, we found PortalGuard to be a first-rate example of the application of a web portal as a front-end for strong authentication.