Developers: | ESET (ISET Softvea) |
Date of the premiere of the system: | 2014/07/23 |
Last Release Date: | 2020/04/16 |
Technology: | IB - Authentication |
Content |
Main article: Multifactor (two-factor) authentication
ESET Secure Authentication (ESA) is a two-factor authentication tool.
According to Verizon the company's 2014 Data Breach Investigations Report, compromising accounts remains the most common way to gain unauthorized access to company confidential information. Two of the three corporate network hacks occur "through the fault" of the weak or stolen. passwords Implementation can prevent such incidents. two-factor authentications
Eset Secure Authentication protects the corporate network from unauthorized access. To connect remotely to company resources, an employee must enter a permanent login and password on the device, and then enter an additional temporary password. ESA generates a temporary password at random and sends it to the user in SMS or shows it in the mobile application. Also, the user can authenticate by connecting a hardware token to the computer, or simply respond to a push notification on his device.
2022: Axoft OpenVPN and ESA Connector
On January 26, 2022, Axoft, a global expert in information technology and services distribution, introduced a connector for fast integration of OpenVPN and ESET Secure Authentication (ESA) solutions. More details here.
2020: Eset Secure Authentication 3.0
On April 16, 2020, ESET announced the release of the next version of the ESET Secure Authentication 3.0 solution for two-factor authentication.
The features presented in the updated solution allow you to optimize safety IT Infrastructure organizations during a massive transition to a remote office.
When working remotely, cybercriminals find it easier to find vulnerability and penetrate the enterprise network. One of the reasons is that employees use the same and simple passwords in several applications and web services. As a result, the likelihood of hacking work accounts increases. ESET Secure Authentication 3.0 provides updates that address this issue. One of the most important is a component that enhances integration with third-party products. Thanks to it, it became possible to protect any service or application that uses a third-party account provider for SAML authentication.
An equally significant update in ESET Secure Authentication 3.0 is to confirm login from new IP addresses. Previously, users could not see where the authentication request was coming from. This information now appears in the push notification with an invitation to deny or allow access.
ESET Secure Authentication 3.0 has added support for biometric authentication to log in to the mobile application - users can use a fingerprint scanner and face recognition system.
Finally, ESET Secure Authentication 3.0 optimizes the performance of large projects. The solution is easy to deploy in a network of any scale, say the company.
2019: Option of self-registration of users
Eset introduced in June 2019 an update to the Eset Secure Authentication two-factor authentication business solution. The product added the option of self-registering users and using hardware keys of the FIDO U2F and FIDO2 standard, as well as a number of other functions.
This version of Eset Secure Authentication preserves the convenience and simplicity of the settings and extends the feature set. So, support for mobile applications has been added - time-bound hardware keys (TOTP) can now be used on iOS and Android devices.
The updated version was supplemented by the Reports section, which provides convenient access to the collected data and analytics tools. For ease of use, a web console is added to the product, which clearly demonstrates user activity (authentication, entry points to the enterprise system, configuration changes, etc.) and allows you to perform various actions (sorting, exporting data, etc.)
The updated Eset Secure Authentication offers the ability to self-register users, which accelerates system deployment and reduces administrator effort.
Employees can choose the desired authentication method (for example, SMS, push notification, or OTR generated in a mobile application). They can also enter mandatory information (for example, a phone number) and activate the mobile application by scanning the QR code.
Another important addition was the expansion of authentication tools - now the product supports FIDO U2F and FIDO2 hardware security keys. The user needs to select the FIDO key as the validation method, insert the device, and confirm the action. With public key encryption, the authentication process has become even safer. Using FIDO keys does not require additional drivers.
Eset Secure Authentication also received advanced support for Active Directory sites and domain services.
The number of offline authorizations in the system for remote employees has increased, and it is possible to set "white lists" for each function.
2018: Multi-Domain Support
Eset on May 23, 2018 introduced the next version of the product for two-factor authentication Eset Secure Authentication (ESA). The product implements multi-domain, a tool for centralized management and other important improvements.
Eset Secure Authentication protects the corporate network from unauthorized access. To connect remotely to company resources, the employee must enter a permanent login and password on the device, and then an additional temporary password. ESA generates a temporary password randomly and sends it to the user SMS in or shows in. mobile application Also, the user can pass authentication by connecting to the computer to a hardware token, or simply respond to a push notification on his device.
Eset Secure Authentication now supports multiple domains. There is support for additional types of users (in addition to enterprise domain accounts) and ways to add them: manual import, automatic synchronization, etc. In addition, it is possible to add multiple users with a common mobile phone number in the same domain.
Eset Secure Authentication introduced a Web-based console for centralized product management that simplifies the work of network administrators. The upgraded ESA server can be installed offline without an Active Directory domain.
A completely redesigned API is available, as well as a mobile application with a unified design and interface for end users. You can delete accounts (tokens) directly from the application user interface. Added push authentication for mobile devices on Windows 10.
Among other ESA additions are the ability to change the server port during installation, support for encrypted PSKC files and optimized compatibility.
2017: iOS device support
In an updated version of the product, push notifications can be sent to Apple devices - for example, authentication with Apple Watch is possible.
Eset Secure Authentication now allows you to send push notifications not only on Android, but also on iOS devices. Users of Apple Watch, iPhone or iPad can accept or reject the message at one touch of the screen, no other actions are required for authorization. The feature requires an Internet connection, but you can enter a temporary password manually without network and mobile access.
Eset Secure Authentication has the ability to generate an access recovery key. If the employee has lost, smartphone the system administrator can pass a special key to the user. authentications
ESA supports Apple iOS 10, Microsoft Windows Server 2016, Microsoft Exchange 2016, Microsoft SharePoint 2016 and Microsoft Dynamics CRM 2016. In addition, network administrators can now check for a new version of the product through the management console and download it.
2016: ESET Secure Authentication Release v.2.5.23.0
On December 1, 2016, the company ESET announced the release of the ESET Secure Authentication (ESA) version. The product implements the push notification function, with which users can use the smartwatch on to authenticate. Android
For remote access to the corporate network, the user must enter a permanent login and password on his device, then an additional temporary password. ESET Secure Authentication generates a temporary password randomly and sends it to the user via SMS, shows in a mobile application or hardware token.
In this version, ESET Secure Authentication can send a push notification to a user's smartphone or smartwatch. You can accept or reject this message at one touch of the screen, you do not need other actions for authorization. As of December 2016, the feature is available only on Android devices.
The product has been developed in accordance with the wishes of corporate customers. In the new version of ESA, the authentication procedure is simplified to the limit - everything so that employees use remote access protection and do not come up with ways to bypass, putting these companies at risk. |
ESET Secure Authentication upgrade:
- installation wizard,
- performance and security settings.
2015
With an early 2015 update, ESET Secure Authentication provides remote desktop protection for Microsoft Remote Desktop Protocol. The implementation is fast and convenient, minimizing the work of network administrators. Using the existing Active Directory infrastructure and security mechanisms, the updated version of the product reduces the cost of companies protecting the corporate network.
With compatibility with Windows Server (versions from 2008 R2 to Windows Server 10 Technical Preview), ESET Secure Authentication protects both licensed Remote Desktop Session Host servers and native Remote Desktop connections.
The updated version of ESET Secure Authentication also supports new features for administrators of large enterprise networks. The solution is not limited to single-domain forests and can be deployed in networks with several forests and domains. The product allows administrators to track and classify all users using two-factor authentication.
2014
On July 23, 2014, ESET announced the launch of the ESET Secure Authentication two-factor authentication facility on the Russian market.
ESET Secure Authentication is easy to deploy and implement. The product can be integrated into almost any authentication system - Microsoft applications, VPN and VDI systems, an internal company network or remote access system, Active Directory-based solutions or native databases. ESA supports most mobile operating systems.
"TheESA solution allows you to build another account protection loop without additional investment in hardware," said Alexey Oskin, head of technical and marketing support for ESET Russia products. - Generating unique temporary passwords will protect the company from attacks by intruders or negligence of employees who use simple passwords and do not change them for literally years. "
In July 2014, ESET announced a partnership with Cyberoam Technologies, a developer of network security tools. As part of the collaboration, the ESET Secure Authentication (ESA) two-factor authentication tool will be integrated into Cyberoam Technologies' combined threat management (UTM) and next-generation firewalls.