Strong authentication for Palo Alto SSL VPN

Palo Alto Technology Alliance Program

The Palo Alto Networks Technology Alliance Program selects leading IT security technology providers to support solutions that integrate with next generation firewalls, thereby accelerating the development of interoperable security products and simplifying the deployment of these products within complex customer environments.

Partnership to deliver Two Factor Authentication

Palo Alto Networks and Nordic Edge have partnered to deliver strong authentication in an easy-to-use and reliable way, and to provide users with a variety of different authentication delivery methods to choose from.

The Need for Secure Identity Solutions

IT administrators of are today facing a growing number of challenges to meet ever increasing business demands, as shown in Figure to the right.  These call for a next generation, strong authentication platform that is ready and proven today, but architected to support future, evolving requirements.

Most organizations with applications and services that are accessible through the Internet have a need to secure remote access to their resources. Many organizations are still relying on only username /  password for access, a very poor security solution since it leaves the login open for many different kinds of attacks, such as shoulder surfing, keyboard sniffing, social engineering, and brute force hacking, among others.

The growing use of mobile devices and cloud computing services has recently added a level of complexity to these challenges.  All organizations should evolve the capabilities of their identity assurance programs to meet these new demands.

One Time Password Server 3

The Nordic Edge OTP3 is a one-time password server that validates one-time use passwords to offer dual factor authentication for internal, remote and mobile network users.  One-time passwords overcome the well known security issues that surround static passwords.  Fully standards-based, the OTP3 is offered as an installable software program that operates in Java-based virtual machine environment, and is therefore compatible with all major operating systems.

Figure. General scenario solution overview

The OTP3 integrates seamlessly with many different types of remote connections, such as VPNs, web servers and thin-clients. It is easily connected to an existing user store and does not require its own user depository, like many other authentication solutions.  This means that current administration tools can be used, resulting in minimal administrative overhead.  It requires minimal investment and effort to get up and running.

Most importantly, it supports multiple authentication delivery methods, including both hard and soft tokens, and the popular SMS (text messaging) method.  The OTP3 can be flexibly implemented to meet customer preferences for one-time password generation.Custom applications can easily be integrated into this product by using our programming API’s, for which there are Java and Microsoft .NET framework versions available. Read more

Key benefits

• Increased security
• No extra hardware or user database to administer
• Platform independent
• Gives overseas users access instantly

Supported Authentication Methods

SMS , E-Mail,Chat, Mobile Client Pledge, Tokens supporting OATH

Supported Palo Alto Products

• PA-5000 Series Firewalls
• PA-4000 Series Firewalls
• PA-2000 Series Firewalls
• PA-500 Firewalls

Multiple methods for OTP delivery

With OTP3, users can choose what method to use when logging in. It’s also possible to control what login method different users have access to. Multiple methods for every user or different methods for every user. It’s your choice!