Network Computingwww.networkcomputing.com

CryptoAdmin focuses on providing a means to distribute the user management task across your organization. Under this design, the CryptoAdmin server can update the user database, initialize tokens and coordinate the client-side CryptoServer requests. The CryptoServer client-based administration software handles remote-administration tasks and can be used to configure, manage and recall tokens on site. These changes are then synchronized with the CryptoAdmin server to provide an accurate user database via distributed management. This system lends itself well to managing a large number of users and tokens in a multiplatform environment that demands flexibility.

Working with the CryptoAdmin server, it was easy to see that the developers come from a Unix background. Several key steps in server configuration are handled via command-line interface and the packages offer both GUI and command-line settings throughout the system. On the GUI side, a server configuration wizard takes most of the guesswork out of the setup. We ran into one error during the server configuration that slowed us down as we tried to add clients. A malformed entry in the client-configuration file was corrupting server attempts to parse the file. After a bit of text editing, we were back in business. This error is perhaps a result of the mixed command-line/ GUI environment. We recommend sticking with one interface if possible.

Two clients are included in the CryptoCard package. CryptoAgent for Windows 95/98 is the standard desktop authentication client. Built to interface with Windows dial-up networking, the client integrated easily with the desktop and provided just the right balance of features. The other available install is the CryptoAdmin Client. This desktop addition lets remote operators authenticate against the CryptoAdmin server and (depending on their access levels) remotely manage the server's user database. This was the easiest remote user management administration system we tested and we found user management easy and (gasp!) a welcome task. We were able to authenticate against the server remotely and then added, deleted and modified users and groups. For a distributed environment, token/user management can be decentralized to provide better user support while not giving away the keys to the castle. Like the users they support, remote administrators are only allowed access to what the server admin defines. This works well in distributed environments where an operator or helpdesk might be responsible for handling token management, but does not have rights to alter user permissions on the server. CryptoCard provides an uncomplicated approach to these scenarios without the configuration overhead found in Security Dynamics' product.

Once established in the user database, a user is assigned a token. We evaluated the CryptoCard RB-1 hardware token. This nifty device can be configured via the bulky RB-1 initializer hardware (by connecting to a serial port) or via hand programming.

Aside from the overly clever initialization process, the CryptoCard token is a well-developed unit that demonstrates keen insight on the part of its developers. We were impressed with the ability to reprogram the cards by hand. There are also several administrative backdoors that allow in-the-field maintenance to be conducted. Unfortunately, most of the time, our big fingers tended to too easily mash the wrong buttons. The buttons themselves are touchpads and were often temperamental in responding when we pressed the keys.

For the organization that wants to develop its own applications or interfaces to its strong authentication system, CryptoCard provides readily available system-development kits for each platform it supports. In all, the CryptoCard package is a well-designed and innovative product. Its balanced feature set will fit well into most environments and the distributed management system will ease support while providing a scalable solution. Couple these points with open-development support and you have a competitive solution in the strong user authentication market.

CryptoAdmin 4.0, starts at $5,000, CryptoCard, (800) 514-8809, (613) 599-2441; fax (613) 599-2442. www.cryptocard.com or info@cryptocard.com