Axis of Authentication

Datakey Axis is a simple solution for smart card deployment.

Smart cards are rapidly becoming accepted as a standard authentication device in many organizations. Historically though, smart cards have been a challenge for IT administrators to deploy. Datakey is trying to address this with its Axis smart card reader system that simplifies deployment for administrators and sign-on for users.

And smart card systems aren't commonplace yet, so preparing to deploy a smart card system may leave many administrators scratching their noggins.

Quick and Painless
Datakey has greatly simplified the process of setting up a smart card environment. Axis uses a comprehensive system of policies that takes the confusion out of setup and makes it quick and painless—essentially a turnkey solution. You configure your certificate server to use smart card certificate templates (if you want to use PKI), install the administrator station, and define your policies. Then you plug in your smart card readers at client stations, issue cards to users and let them start signing on.

I particularly like that Datakey uses existing technologies, rather than trying to come up with something completely new. The installers for the drivers and client are cleanly packaged in MSI file format, making deployment a snap through Group Policy Objects or System Management Server (SMS). If you configure your machines equipped with smart card readers into their own Windows Security Group or SMS Collection, it becomes much easier to deploy both the client and drivers for whichever smart card reader you use. At the client station, the administrator or user only has to connect the smart card reader.

Figure 1.
Figure 1. The Axis Administrator console—simple yet effective. (Click image to view larger version.)

Axis' shining feature is support for single sign-on (SSO). Whether defined at the administrator side through the admin tool or on the client side by putting tokens on the card, in a single step Axis enables users to log on to Citrix MetaFrame and Novell applications as well as Web sites. With a quick tie into the Active Directory support for Kerberos 5, Unix-based stations can also participate in SSO.

Token Storage
The Axis client has a simple interface with just the right amount of features. You can configure it to perform sign-on for applications and Web sites, storing those credentials on the card in addition to the tokens defined in the Axis administration tool. Each client also has a utility that helps troubleshooters check the status of tokens to ensure that they work properly without compromising security. If a user loses a card, the system locally caches an encrypted recovery file to restore and load all tokens onto another card. It can also work in temporary mode without a card.

Datakey Axis is simple to use, functional and modular. It is a no-nonsense smart card system that you can quickly put online and start using, without being bogged down by extraneous features. Administrators preparing to deploy smart cards for authentication should give Axis serious consideration.

About the Author

Rick A. Butler, MCSE+I, is the Director of Information Services for the United States Hang Gliding Association.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.