July 15, 2013 •
LoginTC provides a simple and effective way to secure remote access your IT infrastructure. Whether you are looking to be PCI-DSS compliant, following industry regulations or wanting to beef up your remote access security without the hassle of deploying hard tokens, look no further. Our connector suite allows enterprise administrators to add two-factor authentication to virtually any identity and access management deployment.
Let’s take a closer look at how the LoginTC RADIUS Connector adds two-factor authentication to your VPNs. We currently support the most widely used VPNs, Cisco ASA, OpenVPN, Barracuda, Juniper, and are constantly adding more to this list.
First off, we will make a few assumptions. Your infrastructure includes a VPN which is currently using a single password factor for authentication (i.e. Active Directory, LDAP or perhaps a RADIUS based system) or an existing multi-factor solution which is too burdensome to continue with (i.e. hard tokens).
Below is a simple architecture diagram which demonstrates how the LoginTC RADIUS Connector integrates into your infrastructure.
The connector is a light-weight virtual machine which sits in your infrastructure in between your VPN and existing first factor. Think of it as a proxy to the LoginTC service which augments your existing method of authentication with a mobile second factor. Breakdown of the steps:
This all takes place in virtually the same amount of time it would take a user to authenticate for existing remote access! Existing password policies and first-factor security policies remain untouched. The passwords themselves never leave your premise.
A core tenant of the LoginTC family of products and services is to make it easy for users and administrators. Our configuration-driven setup reduces the time dramatically to pilot and deploy the solution. The LoginTC RADIUS Connector also comes with useful testing tools to verify your setup with ease.
You will be able to run in dual mode and as the rollout of the augmented authentication happens. Configure your VPN to use the LoginTC RADIUS Connector for users that are already provisioned using group assignments. You can also configure the connector to authenticate only using first factor until your users have been migrated.
There are several options for managing your users within LoginTC: