Hello, The company I work for is planning to implement 2X ApplicationServer to provide remote application access via Web. I was doing some research on your software. I think the 2X ApplicationServer software will be the solution for us. Though, I still got some questions related to 2 Factor Authentication. I want remote users to be able to log-in with their Active Directory username and Vasco Digipass token. I found out that ApplicationServer v6.2 has an integrated deepnet security platform. (source: Working_with_Deepnet.pdf). Would this mean I need to order a Deepnet platform server additionally to make things work with 2X, or is this included? We currently already have a Microsoft RADIUS environment. VASCO Middleware supports RADIUS proxying, which means that any RADIUS authentication log-in can be handled through the token device (See: http://www.vasco.com/products/literature.html -> VACMAN RADIUS Middleware.pdf for more information). Will this also work with 2X Application Server? So basically what I want to know, is 2x AS able to work with RADIUS? Would this eliminate the need of Deepnet? Thanks in advance. Kind Regards, Viresh Varma Vanveen Informatica
Ok, thanks for your reply. If im getting this correctly, this solution will eliminate the need of Vasco's authentication server, and thus I'll only need Vasco's hardware Token devices, right?
You’re right. There is no need to install VASCO’s authentication server. VASCO’s DigiPass Go tokens are natively supported by Deepnet. FYI, RSA SecurID is also natively supported too.
I'm setting up the system so that intern (LAN) users can access their applications via the 2X Client using direct mode and extern (Internet) users via the Web Portal using SSL Gateway mode. Is there anyway I can configure the system so that only the extern users have to use their Vasco tokens to log-in? Would I need two client gateways for that? And also, can I force the extern users to use SSL mode ? Thanks.
no that is not possible at the moment but 2X are working on such a solution. at the moment its either completely on or off
Hey, You can have separate 2X Client Gateway for your external users and only have SSL enabled on it. Your external users will only be able to use SSL then.
Thanks for your reply. But with this solution, if I install the publishing agent on both gateways, wouldn't it also be possible to authenticate local users via the public gateway / publishing agent via normal AD user/password, while authenticate the remote users through the private gateway with deepnet / vasco?
Also, f.e. if I decide to use the setup in the drawing above, would that mean I'll need to have 3 licenses for 2X ApplicationServer?