Forget your VPN password
FYI, this story is more than a year old
The increasing use of remote access is driving businesses to look for an easy-to-manage, secure solution for providing access to sensitive company assets.
Businesses looking for ways to keep their sensitive information secure need to look beyond passwords as the chief method to protect users and their data.
“Businesses are increasingly being asked to offer remote access to corporate applications and resources, whether by mobile workers, small branch locations or partners and customers,” says Geoff Cossey, CEO and managing director for Chillisoft, the New Zealand distributor for ESET.
He says true network security requires multiple elements and many of these are provided via any of a growing range of VPN appliances.
“As static passwords are widely known to be non-secure and easy to compromise, many security experts recommend supplementing the built-in user authentication of these devices by adding a second factor or strong authentication,” Cossey says.
Two-Factor Authentication (2FA) is an authentication method which requires two independent pieces of information to establish a user’s identity. 2FA is much stronger than traditional password authentication, which requires only one factor.
There are a growing number of easy-to-configure and affordable VPN solutions offering both remote access and in some cases Unified Threat Management to companies of all sizes – from small and medium businesses to enterprises.
ESET Secure Authentication
ESET Secure Authentication integrates with all major VPNs to provide two-factor user authentication, ensuring strong security for the corporate LAN and central resources.
ESET, with its NOD32 technology, secures business IT infrastructure across all major operating systems. “It offers a way to provide strong authentication through this class of VPN device, using One Time Passwords (OTPs) generated by an app on the user’s mobile phone,” Cossey explains.
The OTP solution ESET Secure Authenticator gives solution architects and administrators a simpler, more secure option to the traditional Password. ESET's solution can be implemented on most firewalls, webmail, terminal server, RDP and any Radius-based web authentication system.
“ESET Secure Authentication combined with your VPN gives you easy and ultra secure remote access – everywhere and any time,” says Cossey.
ESET Secure Authentication can be easily deployed to supplement existing VPN devices, adding strong authentication without any significant change to the VPN configuration.
“After configuring ESET Secure Authentication and your VPN correctly, you will have eliminated the weakest point of any security infrastructure - the use of static passwords, which are easily stolen, guessed, reused or shared,” Cossey adds.
How it works
Your VPN’s main purpose is to secure all kinds of SSL-VPN connections,” says Cossey. “It can perform the authentication for this against an external service using the RADIUS protocol, allowing the ESET Secure Authentication RADIUS Server to function as a back-end service for your VPN.”
Users will be authenticated first by the ESET Secure Authentication Server, which can be linked to Active Directory in the back-end.
“In effect the ESET Secure Authentication Server is deployed in between the VPN and Active Directory,” Cossey says. “This means that ESET Secure Authentication receives all authentication requests from your VPN .”