IDConfirm 1000   In Production
 
 
 

The IDConfirm 1000 solution includes all components needed to deploy strong authentication in your organization.

Using IDConfirm 1000, enterprises can deploy strong authentication for a low total cost of ownership.
This is realized through packaged plug-and-play solutions that are adaptable to existing networks and AAA servers and built according to open OATH standards.
IDConfim offers the highest level of security for two-factor authenticationYou can choose from a wide range of connected or unconnected form factors including smart cards, tokens, and a mobile OTP phone application.Our software solutions are open, scalable and evolutive.

Features and Benefits
One-Time Password (OTP) credentials protection strong authentication solution for Mobile workers who want to access to their enterprise resources: VPNs, mail, web pages, etc.

Multiple Authentication devices (hardware, software) which allow adapted security solution choice

Easy  user adoption (easy to use)

Simple Management and Scalable for customer performance needs (from 1 user to 100K+)

Easy installation for standard configuration (less than 20 min) and integration in existing IT configuration

OTP high-end devices offer additional authentication methods (PKI, biometric)

Channel-friendly: packaging, provisioning, purchase and license generation

IDConfirm 1000 OTP Windows logon option: Strong Authentication OTP Solution for Microsoft� DirectAccess

News
AD FS MFA video and demo Available

AD FS MFA Adapter Available ( August 2014)

New FreeRadius Agent 4.1 (September 2014): Support for proxying requests to a different RADIUS server depending on the authentication response from IDConfirm 1000

Technical Specifications

Authentication methods:
IDConfirm 1000 uses the following methods for main authentication:
   - OATH HOTP
, TOTP (Event based, Time based)
   - SMS OTP
   - EMV CAP (OTP, challenge-response, transaction data signature).

Architecture:
IDConfirm 1000 is a Web application relying on the following Web servers:
   - Apache Tomcat on Windows and Linux,
   - Web Sphere on AIX/Windows
   - Any other Web server could be supported through a specific validation.
The chosen architecture allow "High Availability" and "Fail-Over" configuration relying on operating systems, databases and monitoring mechanisms.

Databases:
IDConfirm 1000 stores OTP related data and User data if needed (DB mode) in:
   - Firebird
   - MySQL
   - MS SQL
   - Oracle
   - Any other SQL database could be supported through a specific development

User Repository:
IDConfirm 1000can be connected to the following LDAP when Users account are managed externally (Mixed mode):
   - Microsoft Active Directory,
   - Novell eDirectory,
   - Open LDAP,
   - Any other LDAP could be supported through a specific development.

Authentication Services interface:
Authentication services are integrated using the following interfaces:
   - XML over HTTP Web API,
   - RADIUS requests through IDConfirm 1000 RADIUS agents for
        * Microsoft  NPS
        * FreeRADIUS
   - AD FS MFA Adapter

Security Modules:
The following security modules can be connected to the server:
    - Thales PShield 9000, NetHSM 500
   - Java Key Store software module
   - Any other HSM could be supported through a specific development.

Compatibility
Arkoon      
VPN appliance   via Radius agent Validation through external partner
Cisco      
VPN appliance ASA 5510 V7.2 via RADIUS agent in Cisco VPN scenario IPSec and SSL  are covered
Citrix      
Interface Web Interface via RADIUS agent  
VPN Access Gateway Std. Ed. via RADIUS agent in CAG Standard scenario  
Access Gateway Adv. Ed. via RADIUS agent in CAG Advance scenario  
Access Gateway Ent. Ed. via RADIUS agent in CAG Enterprise scenario  
SSO Password Manager Not applicable  
Checkpoint      
VPN appliance Checkpoint NGX R65 via RADIUS agent in Checkpoint VPN scenario IPSec and SSL  are covered
Evidian      
Software clustering SafeKit In SafeKit scenario Fail-over cluster configuration sample
SSO E-SSO via RADIUS agent  
F5      
VPN appliance   via Radius agent Validation through external partner
Juniper      
VPN appliance SA 700

SSG V5.4
via RADIUS agent in Juniper SSL VPN scenario
via RADIUS agent in Juniper IPSec VPN scenario
 
Microsoft      
Operating System Server 2012 IDConfirm 1000  
Server 2008 R2 IDConfirm 1000  
Database MS SQL IDConfirm 1000  
LDAP Active Directory IDConfirm 1000  
RADIUS Server NPS - Server 2008, 2012 NPSRADIUS Agent

VPN
UAG
MS RADIUS Agent
Novell      
LDAP eDirectory    
Open Source      
Database Firebird IDConfirm 1000  
MySQL IDConfirm 1000  
LDAP Open LDAP IDConfirm 1000  
RADIUS Server Free Radius 32/64 Dedicated FR agent  
Oracle      
Database Oracle    
Red Hat      
Operating System Red Hat Linux IDConfirm 1000  
Sonicwal      
VPN appliance   via Radius agent Validation through external partner
Radio IP      
VPN MultIP VPN via Radius agent