Last updated: 16 May 2016
The key to a successful IT product depends in most cases on the product’s ease of deployment and management. That’s why the next version of Microsoft’s ADFS is good news to the strong authentication market. Yesterday at TechEd 2013 New Orleans, Microsoft announced new options for ADFS to be deployed with multi-factor authentication solutions, in a far simpler way than before.
Looking at recent SaaS vendors’ announcements, it is easy to notice a shift in market perception about strong authentication. More and more SaaS application vendors – and several on-premise vendors too – are adding multi-factor authentication functionality to their feature sets. Twitter and Dropbox are just two examples from the last month of two vendors that added such a capability. Yesterday’s announcement was an indication that Microsoft is also heading in this direction.
In its current version of Windows Server 2012 Active Directory Federation Services (ADFS), Microsoft’s Web Single Sign On (Web-SSO) solution, can be deployed with strong authentication only by using Windows smartcard authentication, a custom solution, or a third party identity provider (such as SAML IdP).
This limits the deployment of ADFS with multi-factor authentication solutions, and makes it a bit more complex than necessary. Kudus to Microsoft for addressing this challenge by announcing that the next Windows Server release, Windows Server 2012 R2, will include enhancements to ADFS which will allow multi-factor authentication providers to implement strong authentication through an adapter framework.
At SafeNet, we worked closely with the Microsoft ADFS team to link this new capability with SafeNet Authentication Service. The result of this effort was demonstrated yesterday in a TechEd North America 2013 session (you can watch the full session or download slides). Sam Devasahayam from Microsoft showed a preview version of ADFS using a SafeNet adapter to authenticate a user by connecting to SafeNet Authentication Cloud Service. The demo showed just how simple it will be to deploy Microsoft’s solution with third part multi-factor authentication solutions.
The integration with SafeNet Authentication Service offers ADFS users a fully automated versatile strong authentication as-a-service solution that supports a variety of authentication methods and is fully integrated with Active Directory. The Microsoft ADFS – SafeNet integration provides an easy to deploy and easy to manage, cloud-based multi-factor authentication solution to services such as Office 365 and SharePoint.
I started out this post with the view that the key to a successful solution depends on ease of deployment and management. The preview version of ADFS is undoubtedly a step in the right direction on the part of Microsoft in its efforts to simplify and extend multi-factor capabilities in ADFS. We’re now waiting in anticipation to see what Microsoft has in store at the end of the year when it plans to release its new version of Windows Server.