Avanpost MFA+

Main article: Multifactor (two-factor) authentication

2024

Inclusion in the Softline Universe ecosystem

Softline Group of Companies (PJSC Softline) on September 24, 2024 announced the inclusion of the Avanpost MFA + solution in the Softline Universe ecosystem. This partnership opens up new opportunities for Softline Group of companies customers in the field of access control and security, and also corresponds to the strategy of the group of companies to develop a portfolio of information security solutions from domestic manufacturers.

The inclusion of Avanpost MFA + in the Softline Universe ecosystem will allow ecosystem customers to access a large range of access and security management capabilities, including:

• a flexible and adaptive mechanism for calculating authentication scenarios;
• support for all possible integration mechanisms: OIDC, SAML, Radius, Credential Provider, PAM Linux, LDAP;
• self-service of users in terms of managing their passwords and authenticators;
• convenient mobile application Avanpost Authenticator.

We are pleased to announce the continued development of our Softline Universe ecosystem and the inclusion of the Avanpost MFA + solution. This partnership will offer our customers a reliable way to protect against unauthorized access to account compromise, which is a critical aspect in protecting today's business. Avanpost MFA + will allow companies to follow modern and convenient security standards. We are confident in the competencies of our partner - Avanpost is a recognized expert in the field of identity security. Our joint efforts aimed at helping customers in the transition to domestic solutions will contribute to the achievement of the technological sovereignty of Russian organizations, - said Valentin Martynenko, information security architect of Softline Group of Companies.

Softline Group of companies has gain experience in implementing large-scale IT projects, accompanied by implemented solutions and technical support. The group of companies embodied its expertise in an integrated product - Softline Universe. Our partnership with Softline Group of Companies is reaching a new level, and we are proud that the Avanpost MFA + system was chosen for implementation in Softline Universe. Our solution will help Softline customers improve information security and access control efficiency. With the help of Avanpost MFA +, companies will be able to organize a universal authentication platform, which will reduce administration costs and the burden on Service Desk several times, "said Dmitry Grudinin, head of development at the Avanpost FAM/MFA + product line.

Avanpost FAM/MFA+ 1.12

On July 2, 2024, Avanpost, a Russian identity security vendor, announced the release of an updated version of the multi-factor authentication system Avanpost FAM/MFA + 1.12 to protect any corporate systems and applications. Read more here.

QR Code Authentication

Avanpost on May 28, 2024 introduced a method of authentication in the Avanpost MFA + system using a QR code.

Now, for user authentication to any web applications in Avanpost MFA +, login functionality is available by scanning the QR code in the Avanpost Authenticator mobile application.

Using this technological method, users can not undergo pre-identification. The QR code that forms for authentication is constantly changing, which eliminates the possibility of its reuse. At the same time, this mechanism is as secure as possible: the Avanpost Authenticator application allows you to verify which system the user authenticates to without the risk of spoofing the QR code by attackers.

The QR code authentication method is very convenient for users - you just need to have an Avanpost Authenticator account to use it. When launching a mobile application, you just need to specify "Log in by QR code" and scan the code.

The QR code can be used either as an addition to other factors within the functionality of the Avanpost MFA + authentication system, or entirely independently as a separate login method that does not require additional confirmations.

From the point of view of reliability and security, this method is comparable to OTP authentication, but it is easier for the user, since it does not require OTP codes.

QR code authentication has brought convenience to modern security standards. Ease of use makes this method very effective for users: since almost everyone has smartphones with a camera, QR code authentication does not depend on hardware and works on almost any smartphone on which the Avanpost Authenticator mobile application is installed, "said Dmitry Grudinin, owner of the Avanpost MFA +/FAM product line.

Avanpost MFA + allows you to select the appropriate authentication method for different categories of users. You can dynamically configure authentication methods based on which application which users are authenticated to. This functionality is also available in Windows Logon - logging on to workstations running OS Windows without using a password.

Avanpost MFA + 1.11 with the ability to perform mass operations with users

Avanpost has released an updated version of the Avanpost MFA + 1.11 multifactor authentication system for large and medium-sized businesses with advanced functionality. The company announced this on April 16, 2024.

The most important thing in the release is the ability to carry out mass operations with users, which allows you to simplify the management of the user directory without restrictions on the number, mass assignment of rights, resets password , etc. All this significantly saves administrators time and resources and improves overall performance.

In addition, the following features have appeared in this release:

• Centralized management of authentication processes. Configure multiple generic processes and apply them to different applications. This simplifies and standardizes processes in the organization, reduces the likelihood of errors, and improves security.
• Support for new types of applications in the administrative console: Windows Logon, Linux Logon, LDAP Proxy, allows the business to integrate a variety of systems and applications into a single centralized authentication management, providing flexibility in choosing applications and improving user experience.
• An authentication report into applications that enables the administrator to monitor user activity in terms of authentication, detect abnormal behavior, respond to security threats in time, and improve the overall level of data protection.

When using the electronic signature authentication function in web applications, support for validation of the certificate chain based on the root certificates of the certification center. Required feature to authenticate user certificates.

This version of Avanpost MFA + is quickly and easily installed in any modern infrastructure, which is comparable to the complexity of installing on-premium components of any cloud solution for two-factor authentication. System configuration is available through a convenient administrative console, and integration with other systems is implemented using instructions from the knowledge base.

Avanpost MFA + is based on the Avanpost FAM unified authentication system, has a lightweight set of functions and does not require complex design implementation. Increased authentication when accessing corporate systems occurs using additional factors (OTR, sms/push to a smartphone, QR code through the Avanpost Authenticator mobile application, etc.), while providing centralized control and control of authentication from different applications and devices.

The system has a lower cost of licenses, due to which it is available to more businesses than Avanpost FAM, and an expanded set of functions allows you to simplify authentication management as much as possible.

We are constantly working to improve our solutions to provide customers with a wider range of features and to provide an increased level of security and ease of access management. In the updated version of Avanpost MFA +, we implemented many security functions, conducted a number of additional product tests to make multifactor authentication available to companies of all sizes - not only large, but also medium-sized businesses. With Avanpost MFA +, regardless of the specifics of the access policies applied and the implementation of the authentication process, users will receive a single "entry point" for all the necessary systems, "said Dmitry Grudinin, owner of the Avanpost MFA +/FAM product line.

Integration of NGFW Continent 4 and Avanpost FAM using Avanpost FAM LDAP Proxy

On April 10, 2024, Avanpost announced that, together with Security Code, it had successfully tested the compatibility of products - NGFW Continent 4 and the Avanpost FAM/MFA + multifactor authentication system. Read more here.

Avanpost MFA + View

Avanpost on April 9, 2024 introduced a multi-factor authentication system for large and medium-sized businesses.

Avanpost MFA + is based on the Avanpost FAM unified employee authentication system, but includes a lightweight set of functions and does not require complex design implementation.

Avanpost MFA + inherited the Avanpost FAM system security options. Like FAM, the system is used to manage employee authentication in the company's corporate resources. The product allows you to strengthen authentication when accessing corporate systems with additional factors (OTR, sms/push to a smartphone, QR code, etc.) and centrally control authentication facts from different applications and devices.

But unlike FAM, installing Avanpost MFA + does not require special training from the customer team. Technicians can deploy the system themselves from the distribution kit, configure it through a convenient administrative console and implement integrations with other systems using instructions from the knowledge base. With a simpler installation process and lower license costs, Avanpost MFA + is available to more businesses than Avanpost FAM.

Avanpost FAM is designed primarily for large customers who have a huge number of tasks related to corporate authentication. But often the multifunctionality of FAM was excessive for customers and complicated the implementation process. Therefore, we decided to create a "lightweight" product that would suit companies of any scale. We hope that Avanpost MFA + will be interested not only in business, but also in integrators who will create competence centers to help customers implement multifactor authentication projects, "said product owner Dmitry Grudinin.

Avanpost also developed the Avanpost Authenticator mobile application with device security control and the ability to work in isolated infrastructures. Particular attention was paid when creating the Avanpost Authenticator to the security of placement in the customer's infrastructure. Due to its architecture, the application will continue to function even if Google Cloud Messaging and Apple Push Notification Services, which provide standard push request services in Android and iOS, are unavailable.

Avanpost MFA + works according to the on-premium model, that is, it is installed within the customer's infrastructure without using cloud services - this ensures that the supplier will not collect any data about the customer through the system. MFA + supports all platforms and operating systems, including OS Linux, including Astra Linux, Alt Linux and, Red OS as well as smartphones Android, iOS and. Huawei

One or two domains can be connected to the MFA + system. If a company needs more domains, it can choose a FAM system that supports multi-domain environments, federation technologies, and legacy application connectivity.

In addition to the on-premium solution, Avanpost plans to release a cloud version of Avanpost Cloud Identity multi-factor authentication for smaller companies in the near future - about 100 employees.