ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
D-2 Two Factor Authentication
v1.0, September 2009
• Quick to deploy and manage. The WiKID solution integrates seamlessly with the
NETGEAR SSL and VPN firewall products.
• Proven regulatory compliance. Two-Factor Authentication has been used as a mandatory
authentication process by many corporations and enterprises worldwide.
What is Two-Factor Authentication
Two-factor authentication is a new security solution that strengthens security by adding
multiple factors to the authentication process. These factors challenge and confirm users'
identities before the users can gain access to the network. Several factors are used to
validate that you are who you say you are. These factors are:
• Something you know—for example, your password or your PIN.
• Something you have—for example, a token with a generated passcode that is 6 to 8 digits
in length.
• Something you are—for example, biometrics such as fingerprints or retinal scans.
This appendix discusses only the first two factors, something you know and
something you have. This new security method can be viewed as a two-tiered authentication
approach because it typically relies on what you know and what you have. A common example of
two-factor authentication is a bank (ATM) card that has been issued by a banking institution:
• The PIN to access your account is “something you know”
• The ATM card is “something you have”
You must have both of these factors to gain access to your bank account. Similar to the ATM card,
access to corporate networks and data can also be strengthened by using a combination of multiple
factors, such as a PIN and a token (hardware or software), to validate the users and reduce the
incidence of online identity theft.
NETGEAR Two-Factor Authentication Solutions
NETGEAR has implemented 2 Two-Factor Authentication solutions from WiKID. WiKID is the
software-based token solution. Instead of using only Windows Active Directory or LDAP as
the authentication server, administrators now have the option to use WiKID to perform Two-Factor
Authentication on NETGEAR SSL and VPN firewall products.
The WiKID solution is based on a request-response architecture in which a one-time passcode
(OTP) that is time-synchronized with the authentication server is generated and sent to the
user after the server has confirmed the validity of the user's credential.
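The request-response flow described above can be sketched as a small server model. This is an added example, not WiKID or NETGEAR code and not WiKID's actual wire protocol. The class name OtpServer, the 60-second lifetime, and the use of the return value to stand in for delivery of the OTP to the user's enrolled token are all assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

OTP_DIGITS = 6      # the manual says passcodes are 6 to 8 digits long
OTP_LIFETIME = 60   # seconds; assumed value, not taken from the manual

class OtpServer:
    """Hypothetical request-response OTP server (illustration only)."""

    def __init__(self, clock=time.time):
        self._clock = clock      # injectable so expiry can be tested
        self._pins = {}          # user -> (salt, PBKDF2 hash of the PIN)
        self._pending = {}       # user -> (otp, expiry timestamp)

    def _hash(self, pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def enroll(self, user, pin):
        salt = secrets.token_bytes(16)
        self._pins[user] = (salt, self._hash(pin, salt))

    def request_otp(self, user, pin):
        """Request: confirm 'something you know', then issue the OTP."""
        # Unknown users get a dummy record so the hash is still computed
        # and the comparison fails on length, avoiding a fast-path leak.
        salt, stored = self._pins.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(stored, self._hash(pin, salt)):
            return None
        otp = f"{secrets.randbelow(10 ** OTP_DIGITS):0{OTP_DIGITS}d}"
        self._pending[user] = (otp, self._clock() + OTP_LIFETIME)
        return otp   # stands in for delivery to the enrolled token

    def login(self, user, otp):
        """Response: accept the OTP once, and only inside its window."""
        # pop() makes the passcode single-use; a wrong guess also burns it,
        # which limits guessing at the cost of forcing a new request.
        issued = self._pending.pop(user, None)
        if issued is None:
            return False
        expected, expiry = issued
        return self._clock() <= expiry and hmac.compare_digest(expected, otp)
```

The model makes the two properties a one-time passcode depends on explicit: it is rejected on replay, and it is rejected after its time window closes even if it was never used.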