Main Nav

I'm currently investigating adding two-factor authentication for terminal services. It appears that there are products ready to go for Windows (http://www.duosecurity.com/docs/rdp), but I'm looking for something that would work for both Windows and Mac clients. The Mac Remote Desktop Client that comes with Office 2011 does not appear to support this capability. The terminal environment need not be Microsoft Terminal Services if it can support Mac clients as well. Does anyone know of such a product? I'm willing to hear from vendors _directly_ with the understanding that I am simply looking for ballpark pricing. Thank you, Mike Osterman IT Security Officer/ Deputy Director, Enterprise Technology Whitman College

Comments

Mike,
We haven't purchased yet, but the week before last spoke with VASCO. Here is what they say about terminal services.

VASCO’s solution supports RDP / Terminal Server sessions from both Windows and Mac clients. Additionally it also supports connections from Linux. VASCO’s Digipass Authentication for Windows Logon software is installed on a Windows Terminal Server. and when a client makes a connection to the Terminal Server from any client (Windows, Mac, Linux) for a RDP session from that Terminal Server they will be presented with a logon screen, served from the Terminal Server where they will enter their username in the username field and their two-factor authentication, which is a pin or password and one-time password in the password field, so it acts much like a normal login. Two fields, username and password.



To be clear, we have not purchased or tested it, however if you talk off list I would be happy to share the POC info if you are interested in asking more questions directly.

Cathy

Cathy Hubbs, CISSP, CISA, CGEIT
Chief Information Security Officer
Office of Information Technology
American University
202.885.3998




From:        Mike Osterman <ostermmg@WHITMAN.EDU>
To:        SECURITY@LISTSERV.EDUCAUSE.EDU,
Date:        09/20/2012 02:33 PM
Subject:        [SECURITY] Multi-platform two-factor terminal services?
Sent by:        The EDUCAUSE Security Constituent Group Listserv <SECURITY@LISTSERV.EDUCAUSE.EDU>



I'm currently investigating adding two-factor authentication for
terminal services. It appears that there are products ready to go for
Windows (http://www.duosecurity.com/docs/rdp), but I'm looking for
something that would work for both Windows and Mac clients. The Mac
Remote Desktop Client that comes with Office 2011 does not appear to
support this capability.

The terminal environment need not be Microsoft Terminal Services if it
can support Mac clients as well.

Does anyone know of such a product? I'm willing to hear from vendors
_directly_ with the understanding that I am simply looking for ballpark
pricing.

Thank you,

Mike Osterman
IT Security Officer/
Deputy Director, Enterprise Technology
Whitman College

I used to run a Citrix environment with RSA.  We had key fobs and username and password.  We were doing that back in 2003 or so. 
 
We tried to run MS RDG this year at my current shop but it didn't work for Macs so it is out.
 
John Kaftan
IT Infrastructure Manager
Utica College