WikID systems has a strong offering for the medium-to-large business with this two-factor authentication system.
It comes as a pre-installed custom Linux environment on a rack-mountable server appliance.
The server allows for any number of domains and users to be managed and, if redundancy is desired, the load can be shared between multiple servers. The system maintains very detailed logs, which are easily viewed through the web-based administration interface.
Set up can be a bit difficult as it is customized to serve in its environment, but that same difficulty can mean a server more tailored to the needs of the business.
Once set up, the system performs very smoothly and remains responsive. Client authentication is a breeze; but watch out for the Windows client crashing when attempting to authenticate to the domain for the first time. The client on other systems, such as the BlackBerry handheld, does not exhibit this flaw. If a wrong password is supplied, it returns a cryptic "error 104".
The system ships with very little documentation, other than a helpful "cheat sheet" install guide. Detailed install guides and general help can be obtained online through WikID's website, but the system would not send a confirmation email with account information when we followed the procedure for obtaining an account.
However, the support staff are very quick and knowledgeable, responding to problems via email.
Compared with the standard fare of hardware tokens, this software method does hold the potential for savings. Because there are no hardware devices for the users to keep track of, there is no expense in replacing a lost or broken unit.
One problem of note was repeated hardware failures; of two units supplied both became unusable for different reasons, but this may have been due to damage in shipping. They are standard computer systems and, in theory, should be as prone to such damage as any other system in the data center.
Support, no hardware tokens required for strong two-factor authentication, supports multiple types of devices such as BlackBerry.
Documentation, web support.
Providing a turn-key system and avoiding the need for hardware tokens, with their attendant costs, makes this is a strong contender for medium-to-large organizations. It could use more proactive and complete documentation, however, and we were disappointed with the robustn