Page 226 / 240 Scroll up to view Page 221 - 225
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
E-2
Two Factor Authentication
v1.3, March 2009
Quick to deploy and manage
. The WiKID solution integrates seamlessly with the
NETGEAR SSL and VPN firewall products.
Proven regulatory compliance
. Two-Factor Authentication has been used as a mandatory
authentication process for many corporations and enterprises worldwide.
What is Two-Factor Authentication
Two-Factor Authentication is a new security solution that enhances and strengthens security by
implementing multiple factors to the authentication process that challenge and confirm the users
identities before they can gain access to the network. There are several factors that are used to
validate the users to make that you are who you said you are. These factors are:
Something you know – for example, your password or your PIN
Something you have – for example, a token with generated passcode that is either 6 to 8 digits in
length.
Something you are – fox example, biometrics such as fingerprints or retinal.
We will only focus and discuss the first two factors – something you know and something you
have. This new security method can be viewed as a two-tiered authentication approach because it
typically relies on what you know and what you have. A common example of two-factor
authentication is a bank (ATM) card that has been issued by a bank institute:
The PIN to access your account is “
something you know
The ATM card is “
something you have
You must have both of these factors to gain access to your bank account. Similar to the ATM card,
access to the corporate networks and data can also be strengthen using combination of the multiple
factors such as a PIN and a token (hardware or software) to validate the users and reduce the
incidence of online identity theft.
NETGEAR Two-Factor Authentication Solutions
NETGEAR has implemented 2 Two-Factor Authentication solutions from WiKID. WiKID is the
software-based token solution. So instead of using Windows Active Directory or LDAP as the
authentication server, administrators now have the option to use WiKID to do Two-Factor
Authentication on NETGEAR SSL and VPN firewall products.
Page 227 / 240
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
Two Factor Authentication
E-3
v1.3, March 2009
The WiKID solution is based on a request-response architecture where a one-time passcode
(OTP), that is time synchronized with the authentication server, is generated and sent to the user
once the validity of a user credential has been confirmed by the server. The request-response
architecture is capable of self-service initialization by end-users, dramatically reducing
implementation and maintenance costs. Here is a quick example of how WiKID work.
1.
The user launches the WiKID token software, enter the PIN that has been given to them
(
something they know
) and then press “continue” to receive the one-time passcode (OTP) from
the WiKID authentication server:
Figure E-1
Page 228 / 240
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
E-4
Two Factor Authentication
v1.3, March 2009
2.
A one-time passcode (
something they have
) is generated for this user.
Figure E-2
Note:
The one-time passcode is time synchronized to the authentication server so that
the OTP can only be used once and must be used before the expiration time. If
a user does not use this passcode before it is expired, the user will need to go
through the request process again to generate a new OTP.
Page 229 / 240
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
Two Factor Authentication
E-5
v1.3, March 2009
3.
The user then goes to the two factor login page and enters the generated one-time passcode as
the login password.
Two-Factor Authentication is a new and easy way to enhance networking security products
without having to replace the existing hardware. To obtain and try the new Two-Factor
Authentication solution on your products, visit NETGEAR Support website
at
.
Figure E-3
Page 230 / 240
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
E-6
Two Factor Authentication
v1.3, March 2009

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top