Re: [fw-wiz] One Time Password Tokens
From: Luke Butcher (luke.butcher_at_alphawest.com.au)
Date: 10/26/03
- Previous message: Luca Berra: "Re: [fw-wiz] Real Traffic Testing"
- In reply to: Rafael Teixeira: "[fw-wiz] One Time Password Tokens"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Rafael Teixeira <rpt@pobox.com> Date: Mon, 27 Oct 2003 08:50:35 +1100
Rafael,
On Tue, 2003-10-21 at 19:00, Rafael Teixeira wrote:
> Can anyone point me to some solutions for a two factor solution for
> online banking ?
Whether it be for banking or other the solutions are basically the same.
> Something that provide users with tokens (Digipass, etc.), so that they
> can log on and make transactions.
Have you looked at RSA SecureID.
> I'm worried about backend performance (simultaneous logons, resiliance,
> redundance, load balancing,etc.) of authentication and authorization
> services.
I've used RSA with great success in several places now. As for the
issues of redundancy/load balancing they are solved by the usual HA
server solutions. Although I note from the website: "RSA ACE/Server
Advanced is qualified to run on HP ServiceGuard high availability
hardware systems."
As for performance/resilience the largest site I saw running it the RSA
ACE/Server was installed on top of a Steel Belted Radius Server to allow
devices to talk radius to authenticate (more devices are starting to
support RSA natively now). It ran hundreds of auths simultaneously and
the only problems we had were user related.
"Why wont my RSA token swim?"
Disclaimer: We are an RSA partner (I think)
Regards,
Luke Butcher
Network/Security Consultant
Alphawest
-- Alphawest Disclaimer --------------------------------------------------------------------------- If this communication is not intended for you and you are not an authorised recipient of this email you are prohibited by law from dealing with or relying on the email or any file attachments. This prohibition includes reading, printing, copying, re-transmitting, disseminating, storing or in any other way dealing or acting in reliance on the information. If you have received this email in error, we request you contact Alphawest immediately by returning the email to postmaster@alphawest.com.au and destroy the original. This email is confidential and may contain privileged client information. Alphawest has taken reasonable steps to ensure the accuracy and integrity of all its communications, including electronic communications, but accepts no liability for materials transmitted. --------------------------------------------------------------------------- _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Luca Berra: "Re: [fw-wiz] Real Traffic Testing"
- In reply to: Rafael Teixeira: "[fw-wiz] One Time Password Tokens"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
