Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Fortifying Your Network-Access Control: Page 8 of 11

A global identity federation, in which a user identifies once and is recognized by all networks and applications, is a lovely concept, but for now, secure authentication that provides an acceptable level of identity assurance for one organization at a time seems a more reasonable goal. A move to strong passwords and on to two-factor authentication, with an end-game of enterprise SSO, is an economical and technologically feasible path for many companies--and a move you should be making or at least planning for.

CURTIS FRANKLIN JR. is a senior technology editor for Secure Enterprise and Network Computing. He was founder of the BYTE Testing Lab, director of labs for Client/ Server Labs and managing editor/ technology at InternetWeek. He has been writing about the computer and network industries since 1985. Write to him at [email protected].

As identity management becomes a more well-developed concept, the lines between authentication, authorization, directory services and policy management will blur. But for now, passwords are still the dominant method of securing enterprise data. That's not a comforting thought for security pros who realize that higher transaction values, increased customer and shareholder concern, and potentially punitive regulations make it vital to know, with certainty, every user's identity.

In "Strong Authentication," we explore the possibilities for fortifying network-access control. Whether you use beefed-up passwords, USB tokens, smart cards, biometrics or some combination thereof, you can move toward a safer network. To reduce the inherent complexity, we also consider SSO (single sign-on) and the progress on standards.

In "Not Just a Token Effort,", we put five enterprise-class, strong authentication systems through extensive tests. These products enable authentication through token use (proprietary or third-party) and can work with any common enterprise directory, providing a path to SSO. ActivCard's ActivPack AAA Server 6.3, Funk Software's Steel-Belted Radius 4.71, Lucent Technology's NavisRadius 4.0, Novell's Nsure SecureLogin 3.5 and Secure Computing's SafeWord PremierAccess all performed well, but NavisRadius blew us away. Make no mistake--you must know what's going on between the various pieces of your authentication infrastructure to take advantage of all the functionality NavisRadius offers. But if you do, the system's interface and scripting language make for an incredibly flexible experience. In addition, the product costs a pittance given its abilities, earning it not only our Editor's Choice but our Best Value award to boot.