Firewall Wizards mailing list archives
Re: One Time Password Tokens
From: Luke Butcher <luke.butcher () alphawest com au>
Date: Mon, 27 Oct 2003 08:50:35 +1100
Rafael, On Tue, 2003-10-21 at 19:00, Rafael Teixeira wrote:
Can anyone point me to some solutions for a two factor solution for online banking ?
Whether it be for banking or other the solutions are basically the same.
Something that provide users with tokens (Digipass, etc.), so that they can log on and make transactions.
Have you looked at RSA SecureID.
I'm worried about backend performance (simultaneous logons, resiliance, redundance, load balancing,etc.) of authentication and authorization services.
I've used RSA with great success in several places now. As for the issues of redundancy/load balancing they are solved by the usual HA server solutions. Although I note from the website: "RSA ACE/Server Advanced is qualified to run on HP ServiceGuard high availability hardware systems." As for performance/resilience the largest site I saw running it the RSA ACE/Server was installed on top of a Steel Belted Radius Server to allow devices to talk radius to authenticate (more devices are starting to support RSA natively now). It ran hundreds of auths simultaneously and the only problems we had were user related. "Why wont my RSA token swim?" Disclaimer: We are an RSA partner (I think) Regards, Luke Butcher Network/Security Consultant Alphawest -- Alphawest Disclaimer --------------------------------------------------------------------------- If this communication is not intended for you and you are not an authorised recipient of this email you are prohibited by law from dealing with or relying on the email or any file attachments. This prohibition includes reading, printing, copying, re-transmitting, disseminating, storing or in any other way dealing or acting in reliance on the information. If you have received this email in error, we request you contact Alphawest immediately by returning the email to postmaster () alphawest com au and destroy the original. This email is confidential and may contain privileged client information. Alphawest has taken reasonable steps to ensure the accuracy and integrity of all its communications, including electronic communications, but accepts no liability for materials transmitted. --------------------------------------------------------------------------- _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- One Time Password Tokens Rafael Teixeira (Oct 22)
- Re: One Time Password Tokens Luke Butcher (Oct 27)