TweetFollow Us on Twitter

CRYPTOCard's CRYPTO-Server 6.3 for OS X

Volume Number: 22 (2006)
Issue Number: 2
Column Tag: Review

CRYPTOCard's CRYPTO-Server 6.3 for OS X:

Eliminate Insecure Static Passwords

by MacTech Staff

It is no secret that static passwords are the weakest link in the security chain, but until recently, there really was no Mac-specific alternative. That all changed when authentication technology vendor CRYPTOCard released its first two-factor authentication solution for OS X Panther at MacWorld 2004 - winning a MacWorld "Best of Show" award in the process.

CRYPTOCard has now launched a new version of its CRYPTO-Server authentication solution for OS X Tiger. Again, the basic premise of this technology is simple - it replaces inherently weak static passwords with secure two-factor authentication. To log on to a protected network or resource, a user must combine their security PIN (something only they know) with a one-time passcode that is randomly generated by their token for each logon (something only they have).


The new version of CRYPTO-Server does a good job of leveraging Tiger's robust support for smart card environments, but users can also opt for PIN pad tokens, key chain tokens, or software tokens. Each form factor offers unique advantages and characteristics, enabling organizations to tailor their authentication solution according to their own needs. Hardware tokens feature field-replaceable batteries that can be swapped in-service to extend device lifespan indefinitely.

We are pleased to report that our experience testing the new Tiger product was a good one. The CRYPTO-Server package contained everything required to set up the solution, and the instruction manual was clear, accurate, and easy to follow. The product emphasizes ease-of-use and tight integration with Apple's Open Directory LDAP services and as a result, installation was straightforward and relatively painless. There are also features that will simplify implementation in a real-world environment, such as a self-enrolment component called CRYPTO-Deploy, which enables users to remotely assign and activate their hardware tokens via a Web page.

Once the CRYPTO-Server install is completed, a user will need to install the CRYPTO-Console module, an intuitive Graphical User Interface (GUI) which provides the management interface to CRYPTO-Server. CRYPTO-Console enables administrators to manage tokens, users (in non-LDAP deployments), and groups, while also providing server licensing, system configuration, and reporting functions.

The CRYPTO-Console interface is well thought out and easy to navigate, providing administrators with screens for viewing/editing users, tokens, containers, objects, and attributes. Search functions accept regular expressions for ease of use and the GUI architecture is logical and intuitive. Detailed management options are available by highlighting an object, and then Ctrl-clicking it to display drop-down menu items.

The solution appears to be extremely flexible, and can easily be enhanced and expanded with a variety of agents and plug-ins that extend strong two-factor authentication to existing Web, mail, and other security appliance infrastructure nodes. For example, the CRYPTO-Logon for Mac OS X component makes it easy for Mac users attempting to gain secure LAN, Web, or remote access to authenticate themselves by simply inserting their smart card and entering their PIN.

All CRYPTO-Server tokens generate a unique password for every logon attempt, which makes stolen credentials useless to hackers, while simultaneously ensuring Tiger and Panther users do not have to memorize complicated credentials. CRYPTOCard points out that this can significantly reduce the help-desk costs associated with password management while simultaneously eliminating the obvious security risks of "shoulder surfing" and users writing down their passwords.

CRYPTO-Server is also the first solution we have tested that supports two-factor authentication for Apache Web servers via its CRYPTO-Web component. (If you know of others, please let us know!) Using CRYPTO-Web we were able to secure a website, and then authenticate to it with a configured token. CRYPTO-Web should make it a simple process for administrators to secure websites by requiring users to authenticate with their token in order to gain access. Companies can also leverage out-of-the-box interoperability with network entities that provide native RADIUS support.

Unlike CRYPTOCard's original OS X offering, which only provided client side authentication, the latest version of CRYPTO-Server for OS X also provides enterprise-ready functionality like "High Availability" which utilizes real-time multi-master replication functionality to ensure there is no single point of breakdown by switching to a replica server in the event of system failure. This is important as it means that the authentication solution can now meet the security needs of any sized organization.


Another unique feature of CRYPTO-Server is that it offers cross-platform capability. This is important news for the majority of organizations that employ heterogeneous network environments in which any combination of Windows, Linux, or OS X servers can support any client/end-user systems running on any of the three platforms.

Other useful CRYPTO-Server features include RSA migration functionality that enables RSA SecurID DES tokens to be imported into the CRYPTO-Server, and CRYPTO-Kit, a software developer's kit that provides developers with the tools required to integrate CRYPTOCard's technology with existing security applications/systems.

We found CRYPTO-Server for OS X to be very well thought out. Documentation is simple to follow, and the product does a good job of supporting authentication requirements, including a full compliment of token form factors which should make it simple for any sized organization to customize an authentication solution to meet security requirements. The technology makes system configuration simple for administrators, while the familiar ATM-style logon process is easy for users to grasp.

CRYPTOCard was the first authentication vendor to provide real two-factor authentication for the Mac, and we found that the latest version of its technology gives the company a good basis to claim leadership in the OS X authentication marketplace.


CRYPTO-Server for OS X is available in a "Five-User Kit," which includes full server software, five tokens of the user's choice, and 30 days support, for $499. This compares favorably with other similar products from other large, well-established vendors. The innovative all-you-need-in-one-box format also makes it simple for an organization to build their security solution as required. CRYPTOCard offers a free trial download of the CRYPTO-Server technology on its website at www.cryptocard.com. 

CRYPTOCard Corp.
340 March road
Suite 600
Kanata, Ontario. K2K 2E4
Canada

Phone: :     North America   800-307-7042
             International  +1-613-599-2441

Fax:  +1-613-599-2442
Web:  www.cryptocard.com
E-mail:  info@cryptocard.com

The MacTech Staff are a group of hard workers whose goal it is to bring you great new information on all things related to the Macintosh.

 
AAPL
$433.26
Apple Inc.
-1.32
MSFT
$34.87
Microsoft Corpora
+0.79
GOOG
$909.18
Google Inc.
+5.31

MacTech Search:
Community Search:

Software Updates via MacUpdate

OnyX 2.6.9 - Maintenance and optimizatio...
OnyX is a multifunctional utility for OS X. It allows you to verify the startup disk and the structure of its System files, to run miscellaneous tasks of system maintenance, to configure the hidden... Read more
Apple iTunes 11.0.3 - Manage your music,...
Apple iTunes lets you organize and play digital music and video on your computer. It can automatically download new music, app, and book purchases across all your devices and computers. And it's a... Read more
Spotify 0.9.0.133. - Stream music, creat...
Spotify is a new way to enjoy music. Simply download and install. Before you know it you'll be singing along to the genre, artist, or song of your choice. With Spotify you are never far away from... Read more
JollysFastVNC 1.46 - Fast VNC client. (S...
JollysFastVNC is a VNC client which aims to become the best VNC client on the Mac. When I started ScreenRecycler I thought that there are enough VNC clients out there to support it. When the program... Read more
Skitch 2.5.2 - Take screenshots, annotat...
Skitch allows you to take screenshots on your Mac, edit them and share them with others. It makes the sharing process seamless by making it a natural workflow to send the image (with edited arrows... Read more
Backblaze 2.1.0.608 - Online backup serv...
Backblaze is an online backup service, available fo $5/month for unlimited storage. With half of the founding team heralding from Apple, Backblaze is deeply committed to the Mac platform. The... Read more
The Cave 1.0.0 - Adventure game featurin...
The Cave is an adventure game that offers a unique blend of fast-paced action, mind-bending puzzles, and winning humor. Assemble your team and embark on a journey into the shadowy underworld. Once... Read more
StatsBar 1.4 - Monitor system processes...
StatsBar gives you a comprehensive and detailed analysis of the following areas of your Mac: CPU usage Memory usage Disk usage Network and bandwidth usage Battery power and health (MacBooks only)... Read more
Thunderbird 17.0.6 - Email client from M...
As of July 2012, Thunderbird is no longer being actively developed, although security improvements will continue to be released as needed. Thunderbird is a free, open-source, cross-platform e-mail... Read more
Adobe Flash Player 11.8.800.50 - Multime...
Adobe Flash Player is a cross-platform, browser-based application runtime that provides uncompromised viewing of expressive applications, content, and videos across browsers and operating systems.... Read more
 

See All

This Week at 148Apps: May 13-17, 2013
We Are Your App Review Source   | Read more »
Second Home – Xbox Live Indie Developers...
The indie game development scene has been around for an incredibly long time; pretty much ever since people had the opportunity to program for themselves. However it wasn’t until shareware became a common method of distribution the 90s that it began... | Read more »
The Simpsons: Tapped Out Adds New Charac...
The Simpsons: Tapped Out Adds New Character and Locations In Latest Update Posted by Andrew Stevens on May 17th, 2013 [ permalink ] | Read more »
Fast & Furious 6: The Game Review
Fast & Furious 6: The Game Review By Jennifer Allen on May 17th, 2013 Our Rating: :: SPEEDY YET SLOW PACEDUniversal App - Designed for iPhone and iPad It’s not that Fast & Furious 6 isn’t a fun drag racer, it’s just that... | Read more »
N.O.V.A. 3 – Near Orbit Vanguard Allianc...
N.O.V.A. 3 – Near Orbit Vanguard Alliance Is Free For Today Only Posted by Andrew Stevens on May 17th, 2013 [ permalink ] Universal App - Designed for iPhone and iPad | Read more »
Turbo Racing League Is Now Available, Pr...
Turbo Racing League Is Now Available, Provides Players A Chance To Win Cash Prizes Posted by Andrew Stevens on May 17th, 2013 [ permalink ] | Read more »
Running with Friends Review
Running with Friends Review By Blake Grundman on May 17th, 2013 Our Rating: :: FAMILIAR, YET FUNUniversal App - Designed for iPhone and iPad A game may look and play identically to other titles on the market, but this is one that... | Read more »
Festival de Cannes Lets You Experience T...
Festival de Cannes Lets You Experience The Festival In Real Time Posted by Andrew Stevens on May 17th, 2013 [ permalink ] | Read more »
Sonic the Hedgehog’s Remastered Version...
The original Sonic the Hedgehog has been remastered for iOS, a la Sonic CD. | Read more »
tenXer Tracks All Your Activities And Re...
tenXer Tracks All Your Activities And Reports Them For You Posted by Andrew Stevens on May 17th, 2013 [ permalink ] iPhone App - Designed for the iPhone, compatible with the iPad | Read more »
See All

Price Scanner via MacPrices.net

Apple now offering full line of refurbished iMacs...
Apple has Apple Certified Refurbished 2012 iMacs in stock today for up to $330 off MSRP – 15% off. Each iMac comes with an Apple one-year warranty, and shipping is free: - 21″ 2.7GHz iMac: $1099 $100... Read more
Save up to $200 on MacBooks with Apple Education p...
Purchase a new 2012 MacBook Pro, MacBook Pro with Retina Display, or MacBook Air at The Apple Store for Education and take up to $200 off MSRP. All teachers, students, and staff of any educational... Read more
15″ MacBook Pros (Apple refurbished) in stock star...
The Apple Store has several Apple Certified Refurbished 15-inch MacBook Pros in stock today, with models starting at $1489. Each MacBook Pro comes with Apple’s one-year warranty, and home shipping (... Read more
Save up to $100 on iMacs with Apple Education disc...
Take up to $100 off the price of a new 21″ or 27″ iMac at The Apple Store for Education. All students, teachers, and staff at any educational institution qualify for the discount, and shipping is... Read more
Mac mini Server on sale for $50 off MSRP
B&H Photo has the 2012 Mac mini Server on sale for $949 including free shipping plus NY sales tax only. Their price is $50 off MSRP, and it’s the lowest price available for this model. B&H... Read more
Steve Jobs Triumphs Posthumously In Platform Wars...
The Register’s Paul Kunert says it’s finally official – the epic battle of legendary Apple CEO Steve Jobs is finally won, now that he has toppled the PC platform from beyond the grave, in the UK, at... Read more
Microsoft Surface Pro vs Apple MacBook Air 11in
Stuff has posted a concise comparo review of the Microsoft Surface Pro tablet PC versus Apple’s 11.6-inch MacBook Air, noting that both machines offer a full desktop OS and a current-generation Intel... Read more
Pixelmator 2.2 First Week Downloads Top Half a Mil...
The Pixelmator Team has announced that Pixelmator 2.2 downloads have topped half a million since last Thursday, making it the most successful release in Pixelmator history. With over 100 new features... Read more
AppleCare Protection Plans on sale for up to $105...
B&H Photo has 3-Year AppleCare Warranties on sale for up to $105 off MSRP including free shipping plus NY sales tax only: - Mac Laptops 15″ and Above: $244 $105 off MSRP - Mac Laptops 13″ and... Read more
27″ Apple Display (refurbished) available for $829...
The Apple Store has Apple Certified Refurbished 27″ Thunderbolt Displays available for $829 including free shipping. That’s $170 off the cost of new models. Read more
 

Jobs Board

*Apple* Retail - Manager - Apple (Unite...
Job SummaryKeeping an Apple Store thriving requires a diverse set of leadership skills, and as a Manager, youre a master of them all. In the stores fast-paced, dynamic Read more
*Apple* At-Home Team Manager - Apple (U...
Changing the world is all in a day's work at Apple . If you love innovation, here's your chance to make a career of it. You'll work hard. But the job comes with more than Read more
*Apple* Retail - Manager - Apple Inc. (...
Job SummaryKeeping an Apple Store thriving requires a diverse set of leadership skills, and as a Manager, you're a master of them all. In the store's fast-paced, dynamic Read more
*Apple* Support Engineer - Systemtec, I...
Apple Support Engineer SYSTEMTEC. FIND YOUR NEW CAREER PATH! Technology projects within organizations present unique opportunities. By offering your expertise within a Read more
*Apple* Engineer - DP Professionals Inc...
DP Professionals is seeking an Apple Engineer for a contract in Charleston, SC. The Apple Engineer will provide Mac and iOS device and application support, and Read more

  • Generate a short URL for this page:



All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.