Defender
Defender product overview
Two-factor authentication made easy
Defender enhances security by requiring two-factor authentication to gain access to your network resources. Defender uses your current identity store within Microsoft Active Directory (AD) to enable two-factor authentication. It takes advantage of AD’s inherent scalability and security to eliminate the time and expense involved with setting up and maintaining proprietary databases. Defender’s web-based administration, user self-registration and ZeroIMPACT migration capabilities ease implementation for administrators and users. Plus, Defender hardware tokens utilize their full battery life and provide software tokens that never expire.
Features
Active Directory-centric
Use the scalability, security and compliance of Active Directory (AD) to provide a two-factor authentication to any system, application or resource. You can take advantage of the corporate directory already in place, instead of creating an additional proprietary one — and save time and money. User token assignment is simply an additional attribute to the user object within AD.
Token self-registration
Enable users to request a hard or soft token based upon policy defined by administrators, and then quickly and easily assign that token to their account through a secure mechanism. Token self-registration removes the entire administrative burden and associated costs of conventional manual token assignment.
Help desk troubleshooter
Enable help desk and Defender administrators to troubleshoot, diagnose and resolve user-authentication-related problems with just a couple of mouse clicks from any browser. View a current list of authentication attempts and routes, with associated results, possible reasons for failures and one-click resolution steps. In addition, Defender enables you to view user account details and assigned tokens, quickly test or reset the pin, provide a temporary token response, or reset or unlock the account.
Web-based administration
Provide Defender administrators, help-desk administrators and end-users options for token management, token deployment, real-time log viewing, troubleshooting and reporting using the web-based Defender Management Portal.
Make use of the full battery life of hardware tokens—typically 5 to 7 years —rather than having a vendor-defined term. This enables you to replace tokens as they expire, in a business-as-usual process, instead of to all users at one time and incurring the costs associated with such a project. In addition, Defender offers software tokens that never expire. View all available tokens.
ZeroIMPACT migration
Defender can run in tandem with legacy systems. All user-authentication requests are directed to Defender. If the user is not yet defined within Defender, the authentication request is passed via the proxy feature to the incumbent authentication solution. This allows administrators to migrate users to Defender as their legacy tokens expire, with virtually no overhead from an administrator or end-user perspective.
Universal soft token license
Defender offers a wide range of software tokens for most popular and widely deployed mobile platforms. By offering a universal software token license, the administrator can easily reissue the appropriate device license when a user decides to switch mobile platforms.
Secure webmail access
Enable secure web-based access to your corporate email system from any web browser anytime, anywhere with Cloud Access Manager, a reverse proxy solution included with Defender. In addition, you can require Defender token use for access to ensure appropriate authentication regardless of access point.
Pluggable Authentication Module (PAM)
Specify that services and users defined on your Unix/Linux systems be authenticated by Defender with its Pluggable Authentication Module (PAM).
Encryption
Secure communications by associating a Data Encryption Standard (DES) with the Defender Security Server. Defender supports AES, DES or Triple DES encryption.
Specifications
- Platform
- Windows 2012 R2 (64-Bit editions only)
- Windows 2012 (32-Bit or 64-Bit)
- Windows 2008 R2 (64-Bit editions only)
- Windows 2008 (32-Bit or 64-Bit)
- Memory
- 2 GB
- Hard disk space
- 40 GB
- Processor
- 2 GHz or faster, x86 or x64 architecture
- Platform
- Windows 2012 R2 (64-Bit editions only)
- Windows 2012 (64-Bit editions only)
- Windows 2008 R2 (64-Bit editions only)
- Windows 2008 (32-Bit or 64-Bit)
- Windows 8.1 (32-Bit or 64-Bit)
- Windows 8 (32-Bit or 64-Bit)
- Windows 7 (32-Bit or 64-Bit)
- Windows Vista® (32-Bit or 64-Bit)
- Memory
- 512 MB
- Hard disk space
- 2 GB
- Processor
- 1.4 GHz or faster, x86 or x64 architecture
- Additional software
- Active Directory Users and Computers (ADUC) tool
- Microsoft Visual C++ 2013 Redistributable Package (installed automatically together with the Defender Administration Console)
- Microsoft .NET Framework 4.0 (installed automatically together with the Defender Administration Console)
- Platform
- Windows 2012 R2 (64-Bit editions only)
- Windows 2012 (64-Bit editions only)
- Windows 2008 R2 (64-Bit editions only)
- Windows 2008 (32-Bit or 64-Bit)
- Memory
- 2 GB
- Hard disk space
- 40 GB
- Processor
- 2 GHz or faster, x86 or x64 architecture
- Additional software
- Microsoft Internet Information Services (IIS) 8.5, 8.0, 7.5, or 7.0, with Forms Authentication and ASP .NET role services enabled (configured automatically by the setup)
- Microsoft .NET Framework 4.0 (installed automatically together with the Defender Management Portal)
- To access the Defender Management Portal, you can use any of the following Web browsers:
- Chrome 15 or later
- Firefox 8 or later
- Internet Explorer 9 or later (Internet Explorer run in compatibility mode is not supported)
- Opera 11.1 or later
- Safari 5.1 or later
Download free trial to see the full list of system requirements.
Resources
Defender
Enhance security with two-factor authentication.
Bakersfield Police Department locks down remote access with Defender
The city of Bakersfield's Police Department locks down remote access with Defender
The Village of Westmont secures working environment with One Identity’s suite of IAM solutions
For the Village of Westmont, a Chicago suburb, One Identity solutions – : Defender, Password Manager and Cloud Access Manager – mean a safe, easy-to-use and secure working environment for employees and peace of mind for IT managers
Top five questions you should ask before purchasing a two-factor authentication solution
In this tech brief we will discuss the top five questions that you should ask before purchasing a two-factor authentication solution.
Defender - The Right Way to Prove Identity and Establish Trust
This technical brief explains how you can prove the identity of the other party in an e-transaction or exchange of information. It also describes why Defender is an excellent solution to help you accomplish this. Seamlessly integrated with Microsoft’s Act
The Breach Prevention Playbook
This eBook focuses on the IAM practices and technologies that provide the best path to cyber-security.
GDPR Checklist - Are You Ready?
GDPR is fast-approaching. Are you ready? use this checklist to find out.
The Journey to IAM Success: Exclusive insights and recommendations
Read this insightful overview of IAM-project strategy from KuppingerCole and One Identity to hear from organizations that have made the journey to IAM success and learn their recommendations for preparing the way and executing your IAM project.
- More Resources
- Communities
- Events & Demos
- Research Docs
- Videos
- Customer Stories
Take the next step
Related Products
Starling Two-Factor Authentication
Secure your organization and keep your users productive.
Defender Mainframe Edition
Enable two-factor authentication for IBM System z mainframe networks or single business transactions
Support & Services
Product Support
Self-service tools will help you to install, configure and troubleshoot your product.
Support Offerings
Find the right level of support to accommodate the unique needs of your organization.