Two Factor Authentication for VPN


Published on

This whitepaper details how ArrayShield IDAS Two Factor authentication system can be integrated with VPN

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Two Factor Authentication for VPN

  1. 1. Two-Factor Authentication Solution for VPNTwo-Factor Authentication Solution for VPN Problem with existing VPN authentication For a successful business, organizations must provide their employees with secure remote access. The preferred way for companies to allow secure remote access is via a Virtual Private Network (VPN) over existing Internet connections. Although, VPN technology ensure the privacy of data transmission over public domain by creating an encrypted “tunnel” through the public network, but do not strongly protect unauthorized access to the organization’s assets. This happens because simple username and password is used to protect the access to most VPNs. So, information that is secure while in transit may just be ending up in the wrong hands at its final destination.SolutionArrayShield innovative two factor authentication system - IDAS provides a simple and secureremote access to Organization’s network infrastructure using VPN technology. By using itsinnovative pattern based authentication it provides One-Time-Secret-Code for every logintransaction.In IDAS every user is shown with a matrix on the VPN login screen which is populated withrandom characters for every transaction. User has to choose a pattern which is a sequence ofcells in the matrix and should register the same with the system prior accessing the VPN. Atranslucent card is provided to each user which has a similar structured matrix with transparentand opaque cells and some random characters imprinted on the opaque cells. Each card isunique in terms of the position of the opaque cells and the characters imprinted on them.At the time of accessing the resource through VPN the user is shown with the randomlypopulated matrix as a challenge. The user overlaps the translucent card on the shown matrixand will key in the characters present in the chosen pattern in the same order as a response.These characters form the One-Time-Secret-Code for the user for that transaction. TheArrayShield server verifies the user credentials by comparing user’s registered pattern and thepattern values entered by the user. Access is given to the user if the user credentials are valid. ArrayShield | Page 1
  2. 2. Two-Factor Authentication Solution for VPNThe ArrayShield IDAS VPN solution is designed to integrate with your existing infrastructure tominimize downtime and to reduce huge deployment costs that other solutions have. IDASworks with all the top VPN providers, including Juniper, Fortigate, Check Point, Sonicwall,OpenVPN, Cyberoam and WatchGaurd. The convenient web management console givesadministrators an added tool that makes managing accounts easier.Integration FlowThe following diagram shows how an VPN server can be integrated with ArrayShield IDAS twofactor authentication to secure access through VPN. Figure: Integration flow diagram for the VPN authentication with ArrayShield IDAS ArrayShield | Page 2
  3. 3. Two-Factor Authentication Solution for VPNFeaturesInnovative TechnologyArrayShield IDAS is patent pending (globally) and has won several awards/recognitions invarious forums for its innovative concept.High Level of SecurityArrayShield IDAS product leverages advanced Encryption methodologies (like Industry StandardAES (128/192/256 bit) algorithms as well as in-house developed advanced cryptographictechniques) and follows Industry Standard Guidelines and Best Practices.Ease of UseArrayShield is based on user-intuitive patterns which are easy to remember than complexpasswords than can be easily compromised.Easy to IntegrateArrayShield IDAS product will seamlessly integrate with existing enterprise environments withimproved user experience. No expertise is required for integration.Interoperable SystemArrayShield IDAS can also be configured as add-on module with various products of leadingtechnology players. Support is available for SAML, LDAP, RADIUS, TACACS protocol etc.Easy to DeployArrayShield IDAS can be easily deployed in days (not in weeks) because of easy-to-configure APIbased system.Easily CustomizableArrayShield IDAS can be easily customized to the unique needs of every organization. Oncedeployed, organizations can also configure the security strength and mechanism to the amountof risk involved in the user’s role and usability requirements.Highly ScalableArrayShield IDAS can be easily scaled with huge user population without affecting theperformance and usability. ArrayShield | Page 3
  4. 4. Two-Factor Authentication Solution for VPNBenefitsLow Total Cost of OwnershipArrayShield IDAS provides Strong Authentication at a fraction of cost of traditional alternatives.Minimal Cost is incurred during purchase as well as maintenance. As there is no need of havingcostly hardware tokens or transactional costs incurred because of SMS etc, ArrayShield’sProduct provides lowest Total Cost of Ownership. No costly server hardware needed.Mobility of the userAs ArrayShield uses a simple plastic card that can be carried on the go, it doesn’t have anydependencies. Hence user will be able to access the application any-time, any-where.Provides peace of mindProtects Organizations and customers from Online Identity and data theft, hence provide peaceof mind.Provides Compliance with regulationsRegulatory agencies agree that passwords are a weak link and are requiring companies toimplement stronger authentication. ArrayShield IDAS is a rapid, cost-effective way to complywith Industry Guidelines, Security Standards and other Industry regulations.ConclusionBy using ArrayShield IDAS Two-Factor authentication solution, organizations can enable thesecure remote access to their networks through VPN technology. The solution will makeorganizations of all sizes and complexities extend the reach of extranets to remote employees’in-line with organization’s business strategy. ArrayShield | Page 4