Printable View
Hi,
that's my system: I've an exchange2003server and I use Squid 3.0 to
access Outlook Web Access with SSL. Everything works! Now my question:
We've few (5) employees which use OWA and I want to secure that
connection. I heard something about proxie_auth I thought about
RSA-SecurID tokens. but that is to expensive for now. Do you've ideas
for a solution how to secure squid effectively.
Sry I don't know why but I think my text looks bad :-) I'm not
english.. :-)
Thanks
me
me:
Perhaps you would be interested in testing the WiKID strong
authentication system, which is available as open source or under a
commercial license. Although I haven't tested it with squid, I have
tested extensively with PAM, so it should be doable. You can find more
info at [url]http://www.wikidsystems.com[/url] or at our sf.net site:
[url]https://sourceforge.net/projects/wikid-twofactor/[/url]
HTH,
nick
--
Nick Owen
WiKID Systems, Inc.
404.962.8983
[url]http://www.wikidsystems.com[/url]
Commercial/Open Source Two-Factor Authentication
[url]https://www.linkedin.com/in/nickowen[/url]
Hi,
thanks!! That sounds great!! :-)
But I couldn't figure out wether it is for free or not?! Are there any
limitations?
Thanks in advance!
me
The open source version is licensed under the GPL. You can find info
about the differences between the commercial and opensource version in
the oss faq: [url]http://www.wikidsystems.net/faq/[/url]. All we ask is for
feedback and that if you like it, you tell your friends!
"me" wrote:
[color=blue]
> I thought about RSA-SecurID tokens. but that is too expensive for now.[/color]
Just a footnote about RSA SecurID pricing. These prices include an RSA
Authentication Manager (AM) with a per-seat license; various RSA
Authentication Agents; and at least ten tokens from one of the several
classes of hardware SecurIDs and SecurID token-emulation modules (for
phones, beepers, PDAs) that RSA now sells.
See: <http://www.rsasecurity.com/node.asp?id=1155>.
A ten-token bundle with the stream-lined RSA SecurID Appliance, on a
hardened Windows platform, sells for about US$4,000 stateside.
European pricing is about US$4,691 (EUR3,675.18). See:
<http://www.rsasecurity.com/node.asp?id=2826>.
Admittedly, this is not for the poverty-stricken, but neither is it
stratospheric.
In North America, where the SMB version has sold like gang-busters for
a year, very small businesses -- say less then 25 users -- typically
purchase the SecurID Appliance to meet regulatory, audit, or other
compliance requirements foisted upon them buy the firm's customers or
business partners, or legal requirements associated the particularly
sensitive type of data they are processing. I presume that similar
pressures shape the MEA market.
I've been a consultant to RSA for nearly 20 years and I admit I never
expected to see the full AM functionality pulled down this deeply into
the small business market. To go beyond this, I suspect RSA will have
to go with some "AM lite:" with RSA's token-validation kernel
integrated into a database already used by another commercial networked
products.
The next cycle in price-cutting for SMBs will probably emerge from the
joint development efforts of RSA and Checkpoint -- but that too will
probably carry the full RSA Appliance package.
Suerte,
_Vin