Installation guide

Using Security Dynamics Authentication 76

CHAPTER 7

Using Security Dynamics

Authentication

Diva Server for Windows NT supports Security Dynamics authentication as an additional

security feature against unauthorized access to your Windows NT server. If there is a

Security Dynamics ACE/Server (ACE = Access Control & Encryption) on the network and

all authorized clients have the corresponding SecurID tokens, access to the Windows NT

server via ISDN can also be made secure with Security Dynamics authentication.

The Security Dynamics System functions as follows:

On the server side there is the ACE/Server and on the client side the SecurID tokens.

Every client requires an individual SecurID token to generate its own time-dependent

PASSCODEs. The SecurID token generates a six-digit number code in accordance with

an individual algorithm adjusted to the server, which changes every 60 seconds. The token

code together with the personal PIN, that is assigned to every client, yield the PASSCODE.

See the diagram of a standard SecurID token below:

The Security Dynamics authentication is a special server feature independent of the client

side. The only requirement for the client is that it must be able to implement PPP

connections over the ISDN or channelized T1 and enter a user name with password.

Security Dynamics authentication can be done via modem emulation (see Via modem

emulation below) or via the WAN Miniport (see Via the WAN Miniport on page 78).

Via modem emulation

The Remote Access Security Solution from Security Dynamics is designed to work with

external modems. If RAS is configured to work with the Eicon Diva Generic Server Modem,

Remote Access Security can be supported without any restrictions. (For information on

configuring RAS with the Eicon Diva Generic Server Modem, see Eicon Port driver

page 41.)

ECUR

582976