Petri IT Knowledgebase Forums
 

Petri.co.il forums Home Forums Start Page Forums Frequently Asked Questions FAQ Member List Members List
Go Back   Petri IT Knowledgebase Forums > Security > General Security
Reload this Page

2 Factor Authentication

Petri.co.il is happy to award auglan the title of Most Valuable Member !!!
Register Calendar Calendar Search Petri IT Knowledgebase Forums Search Todays Posts Today's Posts Mark Forums Read

Notices

2 Factor Authentication

2 Factor Authentication

this thread has 4 replies and has been viewed 587 times

Closed Thread
 
Thread Tools Search this Thread Display Modes
  #1  
Old 6th August 2012, 09:41
Deland01 Deland01 is offline
Member
Staying around
  
 Join Date: Jan 2007
  6 month star 12 month star
 Posts: 273
 Reputation: Deland01 will become famous soon enough (66)
Default 2 Factor Authentication
I need to implement 2 factor authentication into my domain on all remote access connections.Does anyone have any recommendations on good systems / solutions?We currently use Citrix but are looking to also start using VPN clients on our laptops.
  #2  
Old 6th August 2012, 10:53
Dumber's Avatar
Dumber Dumber is online now
Moderator
  
 Join Date: Dec 2003
  6 month star 12 month star
 Location: The Netherlands
 Posts: 8,068
 Reputation: Dumber is a splendid one to beholdDumber is a splendid one to beholdDumber is a splendid one to beholdDumber is a splendid one to beholdDumber is a splendid one to beholdDumber is a splendid one to beholdDumber is a splendid one to behold (820)
Default Re: 2 Factor Authentication
RSA or Cryptocard is where I've positive experience with.
__________________
Marcel
Netherlands
http://www.phetios.com
http://blog.nessus.nl

MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
No matter how secure, there is always the human factor.
  #3  
Old 6th August 2012, 12:16
cruachan's Avatar
MVM cruachan cruachan is offline
Senior Member
MVM
  
 Join Date: Jun 2008
  6 month star 12 month star
 Location: Hamilton, Scotland
 Posts: 1,974
 Reputation: cruachan is just really nicecruachan is just really nicecruachan is just really nicecruachan is just really nice (351)
Default Re: 2 Factor Authentication
NAP under Server 2008 supports certifcate/smartcard authentication in association with PEAP as well.
__________________
BSc, MCSE, MCSA: Messaging, MCTS, STS, DCSE

Cruachan's Blog
  #4  
Old 6th August 2012, 12:19
Ossian Ossian is online now
Administrator
  
 Join Date: Nov 2003
  6 month star 12 month star
 Location: Bonnie Scotland
 Posts: 15,117
  Send a message via Skype™ to Ossian
 Reputation: Ossian has much to be proud ofOssian has much to be proud ofOssian has much to be proud ofOssian has much to be proud ofOssian has much to be proud ofOssian has much to be proud ofOssian has much to be proud ofOssian has much to be proud ofOssian has much to be proud ofOssian has much to be proud of (1300)
Default Re: 2 Factor Authentication
Do you have any investment in hardware already (fingerprint readers on laptops or smart card readers)? If so, this may help force your decision

Also ask yourself, what is the business case vs usernames and strong passwords?
__________________
Tom Jones
MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
PhD, MSc, FIAP, MIITT
IT Trainer / Consultant
Ossian Ltd
Scotland

** Remember to give credit where credit is due and leave reputation points where appropriate **
  #5  
Old 6th August 2012, 15:10
auglan's Avatar
auglan auglan is offline
Moderator
  
 Join Date: Apr 2010
  6 month star 12 month star
 Location: Raleigh, NC
 Posts: 1,183
 Reputation: auglan has a spectacular aura aboutauglan has a spectacular aura aboutauglan has a spectacular aura about (215)
Default Re: 2 Factor Authentication
Remote access vpn's with cisco routers and ASA's support xauth (extended authentication)as part of phase 1.5. So the client authenticates the correct "vpn group" then also is prompted for user authentication. This authentication can be local, RADIUS, TACACS , Active Directory with pre-shared keys or certificates. They also support group-lock which will prevent a user from logging into another vpn group. You can also look at SSL vpn's, either clientless or client based with the cisco anyconnect client. SSL clientless is by far the easiest for the end user as no client is required. You can also setup portfowards, favorites, smart tunnels etc per group/user. Pretty much the ASA/router acts as a SSL proxy.
__________________
CCNA, CCNA-Security, CCNP
CCIE Security (In Progress)
Last edited by auglan; 6th August 2012 at 15:14..
Closed Thread

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Would Half-Duplex factor into EIGRP route selection? caleban Cisco Routers & Switches How-to 2 14th November 2009 06:33
ISA and Authentication outstream General Security 8 18th July 2009 14:25
Forms Based Authentication and Windows Integrated Authentication bworchel Exchange 2000 / 2003 2 27th February 2009 02:12
2-factor authentication for MS Terminal Services JacoP General Security 10 15th June 2008 07:42
DC authentication tatasys Active Directory 19 11th August 2005 18:00


All times are GMT +3. The time now is 12:02.

Contact Us - Petri.co.il forums - Archive - Top
Steel Blue 3.5.4 vBulletin Style ©2006 vBEnhanced
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
 

Valid XHTML 1.0!   Valid CSS!

Copyright 2005 Daniel Petri