TweetFollow Us on Twitter

CRYPTOCard's CRYPTO-Server 6.3 for OS X

Volume Number: 22 (2006)
Issue Number: 2
Column Tag: Review

CRYPTOCard's CRYPTO-Server 6.3 for OS X:

Eliminate Insecure Static Passwords

by MacTech Staff

It is no secret that static passwords are the weakest link in the security chain, but until recently, there really was no Mac-specific alternative. That all changed when authentication technology vendor CRYPTOCard released its first two-factor authentication solution for OS X Panther at MacWorld 2004 - winning a MacWorld "Best of Show" award in the process.

CRYPTOCard has now launched a new version of its CRYPTO-Server authentication solution for OS X Tiger. Again, the basic premise of this technology is simple - it replaces inherently weak static passwords with secure two-factor authentication. To log on to a protected network or resource, a user must combine their security PIN (something only they know) with a one-time passcode that is randomly generated by their token for each logon (something only they have).


The new version of CRYPTO-Server does a good job of leveraging Tiger's robust support for smart card environments, but users can also opt for PIN pad tokens, key chain tokens, or software tokens. Each form factor offers unique advantages and characteristics, enabling organizations to tailor their authentication solution according to their own needs. Hardware tokens feature field-replaceable batteries that can be swapped in-service to extend device lifespan indefinitely.

We are pleased to report that our experience testing the new Tiger product was a good one. The CRYPTO-Server package contained everything required to set up the solution, and the instruction manual was clear, accurate, and easy to follow. The product emphasizes ease-of-use and tight integration with Apple's Open Directory LDAP services and as a result, installation was straightforward and relatively painless. There are also features that will simplify implementation in a real-world environment, such as a self-enrolment component called CRYPTO-Deploy, which enables users to remotely assign and activate their hardware tokens via a Web page.

Once the CRYPTO-Server install is completed, a user will need to install the CRYPTO-Console module, an intuitive Graphical User Interface (GUI) which provides the management interface to CRYPTO-Server. CRYPTO-Console enables administrators to manage tokens, users (in non-LDAP deployments), and groups, while also providing server licensing, system configuration, and reporting functions.

The CRYPTO-Console interface is well thought out and easy to navigate, providing administrators with screens for viewing/editing users, tokens, containers, objects, and attributes. Search functions accept regular expressions for ease of use and the GUI architecture is logical and intuitive. Detailed management options are available by highlighting an object, and then Ctrl-clicking it to display drop-down menu items.

The solution appears to be extremely flexible, and can easily be enhanced and expanded with a variety of agents and plug-ins that extend strong two-factor authentication to existing Web, mail, and other security appliance infrastructure nodes. For example, the CRYPTO-Logon for Mac OS X component makes it easy for Mac users attempting to gain secure LAN, Web, or remote access to authenticate themselves by simply inserting their smart card and entering their PIN.

All CRYPTO-Server tokens generate a unique password for every logon attempt, which makes stolen credentials useless to hackers, while simultaneously ensuring Tiger and Panther users do not have to memorize complicated credentials. CRYPTOCard points out that this can significantly reduce the help-desk costs associated with password management while simultaneously eliminating the obvious security risks of "shoulder surfing" and users writing down their passwords.

CRYPTO-Server is also the first solution we have tested that supports two-factor authentication for Apache Web servers via its CRYPTO-Web component. (If you know of others, please let us know!) Using CRYPTO-Web we were able to secure a website, and then authenticate to it with a configured token. CRYPTO-Web should make it a simple process for administrators to secure websites by requiring users to authenticate with their token in order to gain access. Companies can also leverage out-of-the-box interoperability with network entities that provide native RADIUS support.

Unlike CRYPTOCard's original OS X offering, which only provided client side authentication, the latest version of CRYPTO-Server for OS X also provides enterprise-ready functionality like "High Availability" which utilizes real-time multi-master replication functionality to ensure there is no single point of breakdown by switching to a replica server in the event of system failure. This is important as it means that the authentication solution can now meet the security needs of any sized organization.


Another unique feature of CRYPTO-Server is that it offers cross-platform capability. This is important news for the majority of organizations that employ heterogeneous network environments in which any combination of Windows, Linux, or OS X servers can support any client/end-user systems running on any of the three platforms.

Other useful CRYPTO-Server features include RSA migration functionality that enables RSA SecurID DES tokens to be imported into the CRYPTO-Server, and CRYPTO-Kit, a software developer's kit that provides developers with the tools required to integrate CRYPTOCard's technology with existing security applications/systems.

We found CRYPTO-Server for OS X to be very well thought out. Documentation is simple to follow, and the product does a good job of supporting authentication requirements, including a full compliment of token form factors which should make it simple for any sized organization to customize an authentication solution to meet security requirements. The technology makes system configuration simple for administrators, while the familiar ATM-style logon process is easy for users to grasp.

CRYPTOCard was the first authentication vendor to provide real two-factor authentication for the Mac, and we found that the latest version of its technology gives the company a good basis to claim leadership in the OS X authentication marketplace.


CRYPTO-Server for OS X is available in a "Five-User Kit," which includes full server software, five tokens of the user's choice, and 30 days support, for $499. This compares favorably with other similar products from other large, well-established vendors. The innovative all-you-need-in-one-box format also makes it simple for an organization to build their security solution as required. CRYPTOCard offers a free trial download of the CRYPTO-Server technology on its website at www.cryptocard.com.

CRYPTOCard Corp.
340 March road
Suite 600
Kanata, Ontario. K2K 2E4
Canada

Phone: :     North America   800-307-7042
             International  +1-613-599-2441

Fax:  +1-613-599-2442
Web:  www.cryptocard.com
E-mail:  info@cryptocard.com

The MacTech Staff are a group of hard workers whose goal it is to bring you great new information on all things related to the Macintosh.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Is there cross-platform play in slither....
So you've sunken plenty of hours into crawling around in slither.io on your iPhone or iPad. You've got your stories of tragedy and triumph, the times you coiled four snakes at one time balanced out by the others when you had a length of more than... | Read more »
Rodeo Stampede guide to running a better...
In Rodeo Stampede, honing your skills so you can jump from animal to animal and outrun the herd as long as possible is only half the fun. Once you've tamed a few animals, you can bring them home with you. [Read more] | Read more »
VoxSyn (Music)
VoxSyn 1.0 Device: iOS Universal Category: Music Price: $6.99, Version: 1.0 (iTunes) Description: VoxSyn turns your voice into the most flexible vocal sound generator ever. Instantly following even subtle modulations of pitch and... | Read more »
Catch Battleplans on Google Play from Ju...
Real-time strategy title Battleplans is due for release on Google Play on June 30th, following its release for iOS systems last month. With its simple interface and pretty graphics, the crowd-pleaser brings a formerly overlooked genre out for the... | Read more »
iDoyle: The interactive Adventures of Sh...
iDoyle: The interactive Adventures of Sherlock Holmes - A Scandal in Bohemia 1.0 Device: iOS Universal Category: Books Price: $1.99, Version: 1.0 (iTunes) Description: Special Release Price $1.99 (Normally $3.99) | Read more »
Five popular free apps to help you slim...
Thanks to retail and advertising, we're used to thinking one season ahead. Here we are just a week into the summer and we're conditioned to start thinking about the fall. [Read more] | Read more »
How to ride longer and tame more animals...
It's hard to accurately describe Rodeo Stampede to people who haven't seen it yet. It's like if someone took Crossy Roadand Disco Zoo and put them in a blender, yet with a unique game mechanic that's still simple and fun for anyone. [Read more] | Read more »
Teeny Titans - A Teen Titans Go! Figure...
Teeny Titans - A Teen Titans Go! Figure Battling Game 1.0.0 Device: iOS Universal Category: Games Price: $3.99, Version: 1.0.0 (iTunes) Description: Teeny Titans, GO! Join Robin for a figure battling RPG of epic proportions! TEENY... | Read more »
NinjAwesome: Tips and tricks to be a mor...
Sorry about that headline, but I'm going to go ahead and assume that GameResort would not have named its game NinjAwesome without expecting some of that. It is, in fact, pretty awesome the way it combines an endless runner and old school arcade... | Read more »
Into Mirror (Games)
Into Mirror 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: "Is all that we see or seem, but a dream within a dream?"- Edgar Allan Poe New game by Lemon Jam Studio, the team behind Pursuit... | Read more »

Price Scanner via MacPrices.net

15-inch Retina MacBook Pros on sale for $200-...
B&H Photo has 15″ Retina MacBook Pros on sale for up to $210 off MSRP. Shipping is free, and B&H charges NY tax only: - 15″ 2.2GHz Retina MacBook Pro: $1799.99 $200 off MSRP - 15″ 2.5GHz... Read more
Mac minis on sale for up to $100 off MSRP
B&H Photo has Mac minis on sale for up to $100 off MSRP including free shipping plus NY sales tax only: - 1.4GHz Mac mini: $449 $50 off MSRP - 2.6GHz Mac mini: $649 $50 off MSRP - 2.8GHz Mac mini... Read more
Clearance 2015 13-inch MacBook Airs available...
B&H Photo has clearance 2015 13″ MacBook Airs available for $300 off original MSRP. Shipping is free, and B&H charges NY sales tax only: - 13″ 1.6GHz/4GB/128GB MacBook Air (MJVE2LL/A): $799.... Read more
Apple refurbished Mac minis available for up...
Apple has Certified Refurbished Mac minis available starting at $419. Apple’s one-year warranty is included with each mini, and shipping is free: - 1.4GHz Mac mini: $419 $80 off MSRP - 2.6GHz Mac... Read more
ABBYY TextGrabber: 1,000,000 Installs in 5 Da...
ABBYY, an international OCR technologies provider, has announced that their image-to-text application TextGrabber, got installed 1,000,000 times in just five days while being featured by the App... Read more
New SkinIt Waterproof Case For iPhone 6
With its impact and waterproof design, the Skinit Waterproof case provides security and protection to guarantee your phone will get you through even the most demanding outdoor conditions. The impact-... Read more
iMacs on sale for up to $150 off MSRP
B&H Photo has 21″ and 27″ iMacs on sale for up to $150 off MSRP including free shipping plus NY sales tax only: - 27″ 3.3GHz iMac 5K: $2181.11 $118 off MSRP - 27″ 3.2GHz/1TB Fusion iMac 5K: $1949... Read more
12-inch 1.1GHz Retina MacBooks on sale for $5...
B&H Photo has 2016 12″ 1.1GHz/256GB Retina MacBooks on sale for up to $50 off MSRP. Shipping is free, and B&H charges NY tax only: - 12″ 1.1GHz Space Gray Retina MacBook: $1249 $50 off MSRP... Read more
WWDC Announcements Revisited Still Underwhelm...
I was disappointed that no new MacBook hardware was announced at this year’s all-software World Wide Developer’s Conference. Not even a hint about what’s in the development pipeline. Of course, we... Read more
Twelve South Compass 2 iPad Stand Now Availab...
Twelve South has updated its most popular iPad stand, Compass 2, with the introduction of two new colors — Gold and Rose Gold. These new color options n perfectly complement the new Rose Gold iPad... Read more

Jobs Board

*Apple* iPhone 6s and New Products Tester Ne...
…we therefore look forward to put out products to quality test for durability. Apple leads the digital music revolution with its iPods and iTunes online store, Read more
Music Marketing Lead, iTunes & *Apple*...
…Music Marketing Lead is responsible for developing robust marketing campaigns and programs for Apple Music and iTunes across the whole of Apple ecosystem. This Read more
*Apple* Valley Medical Clinic is Hiring - AP...
Apple Valley Medical Clinic is Hiring! Apple Valley Medical Clinic is an independently owned practice operating a Family Medicine Clinic, a 24/7 Urgent Care, Read more
*Apple* New Products Testers Needed - Apple...
…we therefore look forward to put out products to quality test for durability. Apple leads the digital music revolution with its iPods and iTunes online store, Read more
*Apple* Solutions Consultant - APPLE (United...
Job Summary As an Apple Solutions Consultant, you'll be the link between our future customers and our products. You'll showcase your entrepreneurial spirit as you Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.