SC Magazine: Cryptocard Blackshield Server v3.1

The Cryptocard Blackshield Server v3.1 is designed as an authentication service delivery platform, automating all tasks around user and token management, provisioning, reporting and billing. The model we evaluated was the Service Provider Addition, a version that allows for provisioning and/or on-boarding virtual servers to deliver a multitenant model, which means that a single instance can support multiple organizations or directories, each appearing to have their own enterprise server.

We kicked off the software load on our Windows server, and the process was fairly simple. The installer loads the software and a default PostgreSQL database. We then browsed to the localhost, a web-based interface, and used our Active Directory (AD) administrator credentials to login to the site. Through the web interface, we could import the license, configuring the connection to the database, and set up account information, self-enrollment policies and portal details. The documentation walked us through the process without issue. Once we completed the server setup, we installed the Blackshield Windows Logon client on one of our Windows test systems. (The client does require one to provide the path to the enterprise server, so that must be completed first.)

Users were added automatically through the lightweight directory access protocol (LDAP)/AD integration. Policy engines are easily configured to perform routine tasks, such as the automatic issuing of tokens, provisioning of users, revocations, and access control based on changes to a user’s security group memberships made in LDAP/AD. Tokens can be manually assigned and PINs issued, or there is the ability to bulk assign through LDAP/AD.

There is support for all cloud applications and services that support SAML 1.1 or 2.0. Additionally, there is support for virtual private network (VPN) and firewall devices supporting RADIUS, as well as vendor-specific applications, such as Outlook Web Access, Citrix, SharePoint, Salesforce.com, Google Apps and Microsoft Remote Web Workplace. New features in this version include support for SAML, support for MP-1 tokens on Android OS, SMS/one-time passwords via email, and additional token management reports.

There was standard/canned and customized reporting available. Alerting was also offered on both the dashboard and through email and text

messaging. The management interface on the device is clean and is a good tool for viewing the enterprise at a glance and drilling down to user-level detail and management.

The documentation was helpful. We were even provided with welcome guides for various token types that might prove helpful in rolling out the various authentication components to a user base.

Both eight-hours-a-day/five-days-a-week and 24/7 support options are available. Typical costs are 15 and 20 percent of server pricing for customers purchasing a license. Support is rolled into the monthly usage fee for clients adopting subscription licensing.

Product Information

Price:$50/user (subscription includes support and tokens)

Product Rating

Features star star star star star
Ease of Use star star star star
Performance star star star star star
Documentation star star star star
Support star star star star star
Value for Money star star star star
Overall Rating star star star star ½
For: Set up and deployed easily. Alerting was well done. Full device support.
Against: Nothing worth noting.
Verdict: Good price point, nice standalone or multitenant platform, support for network-, application- and cloud-based authentication.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s