SafeNet’s Authentication Service is a multifactor authentication software product from Gemalto that adds supplementary security measures to standard username/password logins for a variety of servers and services. It prevents unauthorized logins by enabling organizations to require additional factors (via biometrics or smartphones) when users attempt to access company resources and applications.
This product is appropriate for midsize to large enterprises, especially for those that want to make use of a variety of external cloud-based services.
While we cover just the software as a service (SaaS) version here, Gemalto SafeNet also offers Windows-based Authentication Manager servers with similar features, but for on-premises installations. This is comparable to the way some other vendors in this space (take CA Technologies, for example) also offer two separate products with essentially the same features.
Organizations with multifactor authentication needs that lean more toward on-premises server protection should consider SafeNet’s Authentication Manager for Windows service rather than the SaaS edition.
SafeNet tokens and pricing
SafeNet has a variety of token, mobile and desktop authenticators (see table). Its wide selection even includes an interesting grid-type, hardware-based token that asks users to draw a pattern, similar to what’s available on most Android smartphones today.
The service is also unique in that it offers subscription-based pricing, which includes a single copy of its server software and one text messaging token per user. This makes it easier for organizations to calculate expected deployment costs. Additional tokens cost extra.
Subscriptions include all support and maintenance costs on a per-user, per-month basis. There are also additional support plans that offer more coverage and faster response times for an added fee.
SafeNet management and administration
Gemalto’s SafeNet has the most extensive policies, role assignments and user groups of any of the multifactor authentication products we tested, which allow IT to more easily set up different authentication levels for different individuals and groups.
SafeNet also has a flexible and customizable token provisioning and approval workflow that can include such entities as Issuing Authority, Shipping Authority and multiple approver levels. Once tokens are provisioned, users receive a self-enrollment email to complete the process.
There’s even a self-service portal where users can reset their PINs or request additional tokens. SafeNet supports a variety of applications, including VPN, Salesforce, Outlook Web App, SharePoint, local network file shares and other SaaS-based services.
It also offers custom integrations with its Authentication API (in .NET and Java) to enable custom authentication from an application or network device that does not support or use such industry standards as RADIUS and Security Assertion Markup Language (SAML). In addition, SafeNet’s management API supports user and token management without the use of the standard web user interface, and enables the integrator to invoke any or all of the user interface functionality from external applications.
One of SafeNet’s strengths is its reporting tool. It includes more than 40 reports across four different categories: billing, inventory management, compliance and security policy. All reports can be customized, run as required or run on a schedule at regular intervals.
Reports can be viewed through the management UI, downloaded or automatically delivered to specified email addresses, or sent via FTP to a particular file server location.
Gemalto SafeNet has been in the authentication market for quite some time, and the maturity of its product is evident. With subscription pricing, a wide variety of tokens and applications supported, and solid reporting tools, it is a very effective choice for enabling multifactor authentication to improve login security.