IDentiWall Wi-Fi
Target market
Any Wi-Fi users who wish to implement Multi-Factor authentication.
Product schema
Typical workflow
- The user starts the login process to the Wi-Fi access point by submitting their User-ID and Password (credentials)
- The Wi-Fi refers the credentials to IDentiWall’s Radius server.
- IDentiWall checks in the Active Directory or in its own database if the particular user is managed by
IDentiWall, and verifies the user’s password either by LDAP authentication or by checking the password against its
own database. If the organization already utilizes a third party radius server, IDentiWall can authenticate the
user through it
- If the user is managed by IDentiWall, it sends a One-Time-Password (OTP) to the user’s handset (both mobile
or Dect handsets are supported)
- IDentiWall instructs the Wi-Fi to send the user a challenge dialog, into which they have to copy the One Time
Password (OTP) they got on their handset.
- If the user is protected by IDentiWall’s pre-installed Mobile agent or WAP pushed agent, the agent asks for a
Pin Code in order to decrypt the encrypted OTP.
- The user copies the OTP to the challenge screen and submits it to the Wi-Fi
- The VPN refers the OTP it got from the user to IDentiWall’s Radius server that, in turn, compares it against
the original OTP it has sent to the user.
Please note that IDentiWall maintains a one-to-one relationship between the user’s Wi-Fi session and the OTP
that was sent for that session. Legitimate OTPs which were supposed to be used in other sessions are not accepted. Only
the original OTP of the particular session is accepted.
- If the OTP comparison is successful, IDentiWall authorizes the Wi-Fi to open the door for the user.
Included technologies
- Authentication methods
- SMS sending
- Radius server
- Security
- LDAP client
Optional technologies
- Billing methods
- HTTP gateway
- SMPP client
- Secured registration
- Mobile pre-installed agent
- WAP pushed agent
- SMS routing gateway
- Billing server
- Syndication server
Implementation issues
- What serves as the SMS broker?
- Opening an account with the SMS broker
- Who pays for the SMSs, the customer or its users?
- If the users pay (such as in a university typical situation), each user needs to activate their account by
purchasing SMS credits in the Billing server.
- Set up the user’s profile of preferences
- Training local staff
Billing issues
- Who servers as the SMS broker?
- Opening an account with the SMS broker
- Who pays for the SMSs, the customer or its users?
- If the users pay (such as in a university typical situation), each user needs to activate their account by
purchasing SMS credits in the Billing server.
- Set up the user’s profile of preferences
Licensing issues
- Number of users with pre-paid license fees to be covered by IDentiWall. These users will pay discounted
prices for their SMS consumption.
- Does the customer wish to implement Pay-as-You-Go users? For these users the customer has to purchase undiscounted
SMS credit.
- Does the customer want their users to pay for their service? Such users will have to open and/or activate their
account by purchasing SMS credits from in the Billing server.
More
IDentiWall Authentication Security Products |
