This document describes how to integrate DualShield with VMWare View 5.1 or higher, in order to add two-factor authentication into its logon process.
By default, VMware View authenticates users using Microsoft Active Directory credentials (user name and AD password). DualShield enhances VMWare View security by adding an extra layer of strong, two-factor authentication that assures the identities of users and protects sensitive company applications and data.
VMWare View Server 5.1+ supports external RADIUS server as its authentication server. DualShield unified authentication platform includes a fully compliant RADIUS server, DualShield Radius Server, which will be configured as the external RADIUS server for VMWare Connection Server to provide two-factor authentication.
The diagram below illustrates the architecture:
DualShield provides a wide selection of portable one-time password tokens in a variety of form factors, ranging from hardware tokens, software tokens, mobile tokens to USB tokens. These includes:
- Deepnet SafeID
- Deepnet MobileID
- Deepnet GridID
- Deepnet CryptoKey
- RSA SecurID
- VASCO DigiPass Go
- OATH-compliant OTP Tokens
In addition to the support of one-time password, DualShield also supports on-demand password for RADIUS authentication. The product that provides on-demand password in the DualShield platform is Deepnet T-Pass. Deepnet T-Pass is an on-demand, token-less strong authentication that delivers logon passwords via SMS texts, phone calls, twitter direct messages or email messages.
The complete solution consists of the following components:
- VMware View Server, Agents & Clients
- DualShield Authentication Server
- DualShield RADIUS Server