Skip to main content

UAG Authentication Capabilities


Sometimes the subject of authentication in UAG seems to confuse people, and to lead them to the wrong conclusions. To set the record straight on a couple of issues:

Misconception #1: UAG includes robust authentication capabilities - this is a true statement, but sometimes is gets interpreted in a way that implies a presence of some sort of secure identity store within UAG. This is not the case. UAG leverages different authentication repositories and options and can temporarily hold certain identity information to support things such as single sign-on (SSO), but is not a repository in itself. Here's a list of repositories and options supported out of the box (OOB):    


Options such as "WINHTTP" and "Other" allow for new methods to be implemented to extend the OOB functionality (see a great example here). 

Misconception #2: UAG supports multi-factor authentication, including bio-metrics, hardware and software tokens, one time passwords (OTP), etc. - once again, this is a true statement, but supports does not mean includes. You would need a solution that implements said capabilities (bio-metrics, OTP, etc.) and integrates with UAG.


Luckily, UAG is a highly extensible products and integration is its strong suite. You would find plenty of great, ready to use solutions in both software only or appliance formats or you could opt to implement your own unique scheme. Furthermore, for your convenience many of the appliance based solutions include both the UAG itself + those strong authentication extensions, all integrated and ready to go. Here's a quick sample of what's available:
  • Winfrasoft UAG Appliance with PINsafe, link
  • PORTSYS UAG Applicance with SafeLogin, link
  • Clestix WSA UAG and HOTpin Appliances, link 
  • Deepnet Security DualShield Unified Authentication Platform, link 
  • PointSharp ID Unified Authentication, link
  • Gemalto SA Server, link
  • nGSA Gemalto Appliance, link
So, one might ask - "What does UAG do?" Well, first of all - it is pretty busy being scalable, secure, remote access solution that supports granular access control and provides robust support for different authentication repositories and options. And then - it is the remote access platform that put's it all together (multiple repositories, advanced authentication options, single sign-on, etc.)
Labels:

Comments

Post a Comment

Popular posts from this blog

Mail-enabled security groups in Office 365

Another update (11/19/2013):  further evolution of Office 365 services makes creation of distribution and security groups even easier, plus there's now an option of creating a dynamic distribution group (click here for more information):    Update (08/06/2012): a clear sign of Office 365 evolving along the same lines as other agile cloud services - small incremental features and minor new functionality are being delivered almost continuously and, unlike important major service updates,  without much fanfare. For example, there's no need to resort to using PowerShell to setup mail-enabled security groups anymore, it can now be done at creation using management portal:       Those managing Office 365 ( O365 ) tenant via the Microsoft Online Services Portal  ( MOS Portal ) interface would notice that there are two distinct group entities: Security Groups: can be created via MOS Portal (main portal page>Management>Security Groups) and used for assigning
1 comment
Read more

Drumbeat - Sales and Technical Resources for Office 365

​ Drumbeat - provides information as well as technical and sales resources for Office 365. From partnering with Microsoft, to building up your sales and technical readiness, to adopting proven methodologies for successful deployment - you will find lots of good information and many helpful links there. Here's a quick sample of topics covered: The Customer Decision Framework is Microsoft's selling methodology designed to help partners sell Office 365 to their customers. Office 365 FastTrack is Microsoft's new, 3-step pilot and deployment methodology designed so customers experience service value early in the sales cycle with a smooth path to advance from a pilot to deployment.
Post a Comment
Read more

WordPress displays weird characters

Sometimes after a database conversion (e.g. from MySQL to MariaDB) or due to encoding issues a situation might arise when WordPress is showing weird characters. A quick way of remedying the situation would involve examining the pages to discover a pattern (what characters are being substituted, in the example below the apostrophe was replaced by  ’ ) then running an queries against the database to reverse the effect. Here's a quick example (common tables that store content): UPDATE  wp_posts  SET  post_content =  REPLACE (post_content,  'Â' ,  '' )      UPDATE  wp_posts  SET  post_content =  REPLACE (post_content,  '’' ,  "'" )      UPDATE  wp_postmeta  SET  meta_value =  REPLACE (meta_value,  'Â' ,  '' )      UPDATE  wp_postmeta  SET  meta_value =  REPLACE (meta_value,  '’' ,  "'" )      Please, keep in mind that to permanently resolve the issue you would need to get to the root of the p
17 comments
Read more