Skip Links

Single sign-on moves to the cloud

Okta and OneLogin score high in test of eight SSO solutions that cut help desk calls and boost password security

By David Strom, Network World
December 17, 2012 12:00 AM ET

Page 8 of 10

For example, SmartSignin seems to be paying a lot of attention to various security exploits, which is a good thing. It is the only one of the SSO products we tested that not only requires a password but a separate passphrase that you and you alone have knowledge of, and that you have to enter when you sign-on to their SSO portal. All security information is stored on your desktop. Their Active Directory connector doesn't transmit information in the clear in order to protect against man-in-the-middle attacks of your directory content.

They are weak in terms of browser support and are just getting started on their multifactor integration. The Enterprise package has a single option for out of band authentication using text SMS messages. They claim more than 400 applications are supported and pre-configured.

Their dashboard is well-designed and easy to navigate. There is a single report that is just a listing of events, which is less than satisfying.

Pricing for the Enterprise plan for 500 users would be $43,200 for the first and subsequent years. If you can do without the Enterprise features (multiple roles and on-premises server), then the Pro plan will bring this down to less than half that amount.

Symplified

Symplified has two offerings: one that is cloud-based using an Amazon AMI and one that can be installed on-premises as a VM. Unlike the other vendors with separate offerings, Symplified has the same feature set. There are no browser extensions but the product has its own Active Directory connector called SimpleLink, which also supports LDAP connections and is a piece of software that has to be downloaded to any on-premises directory server. This creates a secure tunnel that encrypts the authentication requests.

Symplified calls its product an identity router and the term is apt, as there are lots of access rules and policies like you would see in your network firewall, but of course concerning identities. It supports a large collection of identity providers, which Symplified calls User Stores, including LDAP, Oracle, Salesforce, Netsuite, Google and various SQL databases.

Their app support isn't as plentiful as it could be, but you can set up your own custom connector using the procedures and scripting features in the product. Apps have a rather convoluted workflow that isn't as appealing as the other products and will take more time to debug and find configuration errors. This is because they separate the authentication from the authorization process. We needed some help with our configuration, but imagine that once you get the hang of it you can create what you need in a few minutes once you know how it all works. After you set up your SSO, you hit the publish button to deploy them explicitly. This adds an extra step in the debug cycle but we can understand why they have it included.

Their documentation is all online and hyperlinked to make it easy to navigate among the various pieces. Reports are more log files although some summary information can be found on the main dashboard page.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News