2 Factor Authentication using VASCO

Discussion in 'Parallels Remote Application Server' started by Viresh, Apr 20, 2009.

  1. Viresh

    Viresh Guest


    The company I work for is planning to implement 2X ApplicationServer to provide remote application access via Web. I was doing some research on your software. I think the 2X ApplicationServer software will be the solution for us. Though, I still got some questions related to 2 Factor Authentication.

    I want remote users to be able to log-in with their Active Directory username and Vasco Digipass token.

    I found out that ApplicationServer v6.2 has an integrated deepnet security platform. (source: Working_with_Deepnet.pdf). Would this mean I need to order a Deepnet platform server additionally to make things work with 2X, or is this included?

    We currently already have a Microsoft RADIUS environment. VASCO Middleware supports RADIUS proxying, which means that any RADIUS authentication log-in can be handled through the token device (See: http://www.vasco.com/products/literature.html -> VACMAN RADIUS Middleware.pdf for more information). Will this also work with 2X Application Server? So basically what I want to know, is 2x AS able to work with RADIUS? Would this eliminate the need of Deepnet?

    Thanks in advance.

    Kind Regards,

    Viresh Varma
    Vanveen Informatica
  2. zippo



    2nd LevelAuthentication requires Deepnet platform server.
    2X integrates with this server.
  3. Viresh

    Viresh Guest

    Ok, thanks for your reply.

    If im getting this correctly, this solution will eliminate the need of Vasco's authentication server, and thus I'll only need Vasco's hardware Token devices, right?
  4. zippo


    You’re right. There is no need to install VASCO’s authentication server. VASCO’s DigiPass Go tokens are natively supported by Deepnet.

    FYI, RSA SecurID is also natively supported too.
  5. Viresh

    Viresh Guest

    Great, thanks again. I'll get started with this.
  6. Viresh

    Viresh Guest

    I'm setting up the system so that intern (LAN) users can access their applications via the 2X Client using direct mode and extern (Internet) users via the Web Portal using SSL Gateway mode.

    Is there anyway I can configure the system so that only the extern users have to use their Vasco tokens to log-in? Would I need two client gateways for that?

    And also, can I force the extern users to use SSL mode ?

  7. zippo


    no that is not possible at the moment but 2X are working on such a solution.
    at the moment its either completely on or off
  8. Viresh

    Viresh Guest

    Ok thanks. And what about forcing SSL mode for extern users?
  9. Sergei

    Sergei Guest

    You can have separate 2X Client Gateway for your external users and only have SSL enabled on it. Your external users will only be able to use SSL then.
  10. Viresh

    Viresh Guest

    Thanks for your reply. But with this solution, if I install the publishing agent on both gateways, wouldn't it also be possible to authenticate local users via the public gateway / publishing agent via normal AD user/password, while authenticate the remote users through the private gateway with deepnet / vasco?
  11. Viresh

    Viresh Guest

    Also, f.e. if I decide to use the setup in the drawing above, would that mean I'll need to have 3 licenses for 2X ApplicationServer?
  12. Viresh

    Viresh Guest

    Anyone? I really need this thing cleared up.


Share This Page