[CALUG] seeking RSA advice

[Daniel Deighton]

On Thu, 2009-06-25 at 22:49 -0400, benalgo at speakeasy.net wrote:
> Hi all,
> My apologies in advance if this is considered off topic.
> 
> We're researching implementing RSA remote authentication.
> Does any one have any experience in this (vendor / solution recommendations 
> / in house configuration) ?
> It "seems" like the only way to score a (RSA) setup is to go through the 
> VAR channel.
> (meaning you can't buy the appliance or server solution and tokens and set 
> it up yourself)
> Does anyone know if this true ?
> 
> Conversely the primary incentive for considering this is compliance w/ 
> govn't contractor security requirements.
> So in that vein does anyone if that is true and a RSA solution is the only 
> approved one ?
> 



Ben,

A client of ours uses RSA SecurID.  In general, they are happy with the
technology.  However, they recently switched from running their own
server to an appliance solution.  They very much regret the decision.
With the appliance, troubleshooting is difficult and there have been
several issues that required RSA's support.  With a server install, they
could have handled these issues in-house. I was not involved in this
project so I don't have details on the issues, but I know there were
problems.  When it comes time to upgrade, I'm sure they will move away
from the appliances.

Have you looked into alternatives to RSA SecurID?  I'm very interested
in checking out WiKID
(http://www.wikidsystems.com/downloads/DownloadTheServer) It's an
open-source two-factor auth system. Commercial support is available.  If
anyone has tried it out, let us know.

 -Dan

-  

Daniel Deighton
Partner - Aplura, LLC
ddeighton at aplura.com
410.241.4845