Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: One Time Password Tokens

From: Luke Butcher <luke.butcher () alphawest com au>
Date: Mon, 27 Oct 2003 08:50:35 +1100

Rafael, 
On Tue, 2003-10-21 at 19:00, Rafael Teixeira wrote:

Can anyone point me to some solutions for a two factor solution for 
online banking ?

Whether it be for banking or other the solutions are basically the same.


Something that provide users with tokens (Digipass, etc.), so that they 
can log on and make transactions.

Have you looked at RSA SecureID.


I'm worried about backend performance (simultaneous logons, resiliance, 
redundance, load balancing,etc.) of authentication and authorization 
services.

I've used RSA with great success in several places now. As for the
issues of redundancy/load balancing they are solved by the usual HA
server solutions. Although I note from the website: "RSA ACE/Server
Advanced is qualified to run on HP ServiceGuard high availability
hardware systems."

As for performance/resilience the largest site I saw running it the RSA
ACE/Server was installed on top of a Steel Belted Radius Server to allow
devices to talk radius to authenticate (more devices are starting to
support RSA natively now). It ran hundreds of auths simultaneously and
the only problems we had were user related. 
"Why wont my RSA token swim?"

Disclaimer: We are an RSA partner (I think)

Regards,
Luke Butcher
Network/Security Consultant
Alphawest
--


Alphawest Disclaimer

---------------------------------------------------------------------------
If this communication is not intended for you and you are not an authorised
recipient of this email you are prohibited by law from dealing with or
relying on the email or any file attachments. This prohibition includes
reading, printing, copying, re-transmitting, disseminating, storing or in
any other way dealing or acting in reliance on the information.
If you have received this email in error, we request you contact Alphawest 
immediately by returning the email to postmaster () alphawest com au and
destroy the original. This email is confidential and may contain privileged
client information. Alphawest  has taken reasonable steps to ensure the
accuracy and integrity of all its communications, including electronic
communications, but accepts no liability for materials transmitted.
---------------------------------------------------------------------------
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: