Multifactor authentication: A buyer's guide to MFA products
A collection of articles that takes you from defining technology needs to purchasing options
Defender by Quest Software Inc. is a two-factor authentication tool that adds additional security measures to standard username/password logins for a variety of servers and services using biometrics and smartphone devices. Defender came into the Dell fold when the company acquired Quest Software. Dell has since spun out Quest and its security products.
Authentication tools can help even when an organization's users don't practice good password hygiene and reuse passwords across multiple services and servers. Quest's two-factor authentication product is appropriate for midsize and large enterprises -- especially for those that want to make use of a variety of external software as a service tools.
How much does Quest Defender cost?
Defender is part of Quest's One Identity family of identity and access management products. Defender software is licensed per user and covers multiple token methods at the same cost. The first year of standard business day support is included in the license; adding additional years of support, or for extended after-hours response, costs extra. Defender is mostly sold directly through Quest, although there are some channel partners that offer it, as well.
Defender hard and soft tokens
When users are enabled, they can go to the web-based Defender Management Portal to either request a soft token or register a hard token that they've received from their company.
For hard tokens, users are required to enter the serial number and the one-time password.
After a user has requested a soft token, an email is sent to the address defined within the authentication directory. The email contains instructions on how to download that particular soft token. The user also receives a link that takes them to the token deployment site and provides them with a software activation code.
Once end users have entered the activation code into the software token, they are ready to begin using it as needed. This represents the current state of the art for the technology, and is similar to how other multifactor authentication and two-factor authentication products deploy software-based tokens.
Defender management and administration
Defender integrates with Quest's Cloud Access Manager, which supports Security Assertion Markup Language logins to cloud-based services, and extends multifactor authentication to those services. This is useful for IT shops that support a variety of software as a service-based services, such as Dropbox or Salesforce, and want to strengthen these logins.
There is also an Internet Server Application Programming Interface filter for Microsoft Internet Information Services servers to make it easier to add authentication protection to Microsoft's web applications. Recently, Defender has added new features that allow more extensible web code to be used in a wider collection of circumstances, making it more able to support in-house custom developed applications.
Lastly, Defender, through the Defender Management Portal, has a wide variety of reports available, including for audit trails, authentication violations, token activity and more. In this area, Quest's two-factor authentication product is on par with the leading vendors, such as SecureAuth and VASCO.
The questions you need to ask when selecting two-factor and multifactor authentication products
See how Facebook is employing two-factor authentication
For mobile technology, two-factor authentication is better than biometrics