Posted by:
admin
10 years, 1 month ago
So, it used to be common knowledge, some time after I suffered through setting up data centers in co-location facilities but before I was selling security software/virtual appliances, that 'software was dead'. Well, I'm of the opinion that software (and PaaS) are bringing software back.
People liked SaaS because it meant that they didn't have to buy or manage hardware, it was reliable and if you had internet, available everywhere. These SaaS players and consumer sites like Etsy and Netflix led the move to Dev-ops and idempotent infrastructure, creating reliable infrastructure and agile operations. They pushed infrastructure as code as I have seen in packer.io, a program that allows you to build idempotent virtual machines for your virtual platform of choice or PaaS vendor.
With Packer, you can build (as I have) a WiKID server and deploy it to Amazon, Google Compute or VMWare or all of the above to create your own Authentication-as-a-Service for $24 per user per year vs $36 for an AaaS. Will it be reliable? We think so - we released a freemium offering (5 users or less) - betting that our support costs won't really increase. (One of our biggest issues is that customers don't upgrade the server because they never have issues with it.) We also focused on making WiKID as easy to install as AaaS. You can generate a working two-factor auth server for your network from a config file. We also note that since most enterprises require the RADIUS protocol for VPNs or network devices that an AaaS would require a secure proxy. Meaning you are installing software anyway! Why not install the whole thing and maintain control? Plus you get RADIUS return attributes, TACAS+ and other goodies.
Client software distribution isn't even an issue any more. It's either browsers or app stores or pushed by corporate tools.
One thing the vendor loses is the statistics about how their customers are using the system. That would be interesting to see as a vendor - but as the customer do you really want that metadata out there? Further, not every site or service needs the same devops speed as Etsy or Netflix. Some things are best left running (but still should be updated!).
I predict that there will be a lot more of this going on. I can see releasing packer scripts in addition other packaging.
("Death of" should be dead, I know.)
Share on Twitter Share on FacebookRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)