Billion’s OTP solution is due to be launched in the UK in the next week or so and looks good value as the two-token starter pack will cost around £49, while a ten-pack will set you back £189. It’s based on the Authenex ASAS software, which provides a user database and RADIUS server. This requires either a Windows 2000 Server or Server 2003 platform and we strongly recommend using a fresh install before loading the ASAS server as we found it gets very tetchy if any other applications are already present. The database needs configuring first where you enter the IP address of the S20, provide a shared secret and then set up users. Note that the bundle you purchase comes with a set of tokens each with unique serial numbers, which are linked only to the software you have been supplied with. Each user is given their own PIN and handed the token that has been assigned to their account.
At the appliance you create a RADIUS-PAP authentication domain then give it the IP address of the RADIUS server and shared secret. The only glitch with this system is you also have to manually declare each ASAS user to the appliance. When using a RADIUS domain you don’t enter a password but the accounts are needed to enable you to determine what network resources they can use as the RADIUS server can’t do this itself.
From the login portal you pick the appropriate domain, enter your username, press the button on the token and use your PIN plus the number displayed as your password. The OTP is shown for thirty seconds after which the display is blanked and the code is no longer valid. During testing we found the OTP system worked flawlessly making for a tough security solution that can enable users to work safely from any web enabled system. To test general RADIUS support we also successfully integrated the S20 with SecurEnvoy’s excellent SecurAccess server which uses SMS texts to send out pass-codes.
The S20 shows that SSL VPNs are the way forward for providing secure access to the LAN for remote workers. For the price, it offers a lot of useful feature for smaller businesses and the optional OTP solution makes it even more versatile.