Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
643 Views 2 Replies Latest reply: Jan 30, 2013 9:54 AM by cnewman RSS
btlyric Apprentice 184 posts since
Aug 1, 2012
Currently Being Moderated

Jan 30, 2013 12:04 AM

token-based authentication

Interested in hearing about others' experience with implementing "token-based" authentication with MWG.

 

I'm thinking things like: CAC, biometric, client certificates, etoken, Alladin, Vasco, SecureID, etc.

 

Thanks!

  • sroering McAfee SME 458 posts since
    Feb 10, 2011
    Currently Being Moderated
    1. Jan 30, 2013 8:20 AM (in response to btlyric)
    Re: token-based authentication

    Web Gateway can do RADIUS authentication on the back side, and most enterprise identity software can do RADIUS, so you should be able to do this.  One of my colleagues said he was able to configure the admin GUI login to use McAfee One Time Password.

  • cnewman McAfee SME 40 posts since
    Jan 31, 2011
    Currently Being Moderated
    2. Jan 30, 2013 9:54 AM (in response to btlyric)
    Re: token-based authentication

    It is relatively easy to implement and has been done. You list several different types there.

     

    Alladin, secureID etc are one time password mechanisms, essentially a token that either changes every x seconds or generates a new passcode when you hit a button. Those generally support radius.

    You will want to use the authentication server and either do client/IP (store a username with an IP for a period of time) or cookie authentication. Direct proxy authentication is not possible as each new tcp/ip connection would require reauthenticating.

     

    CAC and client certs work a little different as a public key is supplied based on some sort of hardware and possible pin. We call that x509, and there are rules in the library and several discussions on the subject.

     

    --CN

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points