Security Basics mailing list archives

RE: two-factor authentication, via T1?

From: "Wicks, James (NBC Universal)" <James.Wicks () nbcuni com>
Date: Tue, 10 Mar 2009 23:49:12 -0400

Since you are using remote desktop, I am assuming that this is a Windows
environment.  Have you thought about using IPSEC for domain isolation?
Since any system not in the domain will be blocked from communicating with
any system within the domain, this security control may provide the
additional assurance that you need in your environment.

If you are only looking for a simple two-factor authentication solution (as
in when a person connects to a server via remote desktop) and your
environment is mixed with Windows/Unix/Linux, there are a ton of options
including PKI and biometric devices.  RSA tokens are a simple and proven
technology, but not the least expensive option on the block.  There are also
SmartCards and USB tokens that can be used.  It all depends on your budget.
Can you provide a few more details about the project?


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of aditya mukadam
Sent: Monday, March 09, 2009 11:20 PM
To: dgonzalez () merituspayment com; security-basics () securityfocus com
Subject: Re: two-factor authentication, via T1?

Hello,

Thanks for the quick explanation about the issue, however Im still not
clear what exactly is needed ? Do you need you connect to servers via
2-Factor authentication ? via T1 . How is 2-factor integrated with the
Server ?

PC---------T1-------------Server --------Radius/Auth. Server ?

Frankly speaking, I don't see any issue even if you use T1 link .

Thanks,
Aditya Govind Mukadam

On Mon, Mar 9, 2009 at 11:20 PM,  <dgonzalez () merituspayment com> wrote:

Hello list,

Does anyone have or has had experience with two-factor authentication via

a T1 link?


Here is the issue I have.
I have a Co-Lo housing all server systems. The office I work from is

connected to the Co-Lo via T1 link. We have 4 network segments (for PCI
purposes) and to access the server segment, I need to implement two-factor
authentication. I use remote desktop to access servers, but this is not
enough. I am having trouble since I am connected to the Co-Lo via T1 on how
I could implement this two-factor authentication.


Thank you in advanced.

dgonzalez

Attachment: smime.p7s
Description:

Current thread:

two-factor authentication, via T1? dgonzalez (Mar 09)
- Re: two-factor authentication, via T1? Nick Owen (Mar 09)
- Re: two-factor authentication, via T1? aditya mukadam (Mar 10)
  - RE: two-factor authentication, via T1? Wicks, James (NBC Universal) (Mar 11)
- <Possible follow-ups>
- Re: Re: two-factor authentication, via T1? no (Mar 10)