Deepnet DualShield is a powerful and flexible multi-factor authentication (MFA) system designed for on-premises deployment or hosting in a private cloud, providing organizations with total control over their user authentication infrastructure and ensuring the security of user identities and credentials. It unifies a wide variety of authentication methods, protocols, solutions, and user experiences within a single, comprehensive platform. Beyond its core MFA capabilities, DualShield extends its functionality to include self-service Password Reset, Single Sign-On (SSO), Identity & Access Management (IAM), and Adaptive Authentication. The system supports nearly every type of multi-factor authentication method, encompassing knowledge-based (e.g., OTP via SMS/email), token and device-based (e.g., OTP tokens, smart cards, USB keys), and biometrics (e.g., fingerprint, face, voice recognition). It also incorporates advanced features like Device Fingerprint and Device ID for enhanced security. Deepnet DualShield can secure all commonly used enterprise, web, and cloud applications, including VPN and RDP remote access, Windows, Mac, and Linux OS Logons, various Web & Cloud services (such as Office 365, Google Apps, Salesforce, AWS), and Outlook emails. It supports key authentication protocols like LDAP, RADIUS, SAML, FIDO, and OATH, ensuring broad compatibility with existing IT infrastructures. The platform is designed to provide an excellent user experience, minimizing inconvenience despite the inherent complexity of multi-factor authentication, and includes a robust policy engine for customization, as well as comprehensive auditing, alerting, and reporting tools for compliance and threat assessment.

Features & Benefits

• Unified Authentication Methods
  • Supports a comprehensive range of multi-factor authentication methods across knowledge-based, token/device-based, and biometrics categories.
  • OTP (One-Time Password) by SMS, email, voice call
  • OOBA (Out of Band Authentication) by push notification, SMS, voice call
  • OTP tokens, keyfobs, and cards
  • OTP apps (e.g., Deepnet MobileID, Google Authenticator)
  • Grid cards, proximity cards, and smart cards
  • USB keys (FIDO U2F)
  • Keystroke Dynamics
  • Biometrics (e.g., Fingerprint, Face & Voice recognition)
  • Device Fingerprint, Device ID, Device DNA
• Unified Authentication Solutions
  • Secures all commonly used enterprise and web/cloud applications with multi-factor authentication.
  • VPN Login (e.g., Cisco ASA, Palo Alto SonicWall, WatchGuard)
  • Windows Login (AD domain login, RDP login)
  • MacOS Login
  • Web Applications (e.g., Sharepoint, CRM, ERP)
  • Cloud Services (e.g., Office 365, Google Apps, SalesForce, AWS)
  • Outlook Anywhere, Outlook Web Access, ActiveSync
• Unified Authentication Protocols
  • Supports various authentication protocols for different application types, ensuring broad compatibility.
  • LDAP: For directory services and user credential verification.
  • RADIUS: For centralized Authentication, Authorization, and Accounting (AAA) services, common in networking devices.
  • SAML: Open standard for exchanging authentication and authorization data, commonly used for SSO in web & cloud applications.
  • FIDO: Security specifications for strong authentication, often replacing passwords with device-based authentication.
  • OATH: Open authentication standards like TOTP and HOTP, de facto OTP standards.
• Adaptive Authentication
  • Includes a powerful risk engine that uses machine learning to evaluate login request risk in real time, considering context like Geo location, IP addresses, network location, device information, and time of day.
• Single Sign-On (SSO)
  • Provides a SAML-based SSO server enabling users to sign on once for access to multiple web and cloud applications, including desktop to web/cloud SSO via Microsoft’s Integrated Windows Authentication.
• Password Reset
  • Offers a secure, web-based self-service portal for users to remotely manage, change, and reset AD passwords, and unlock AD accounts, with secure automation via SMS/E-mail verification or security questions.
• Identity & Access Control
  • Streamlines user management by integrating with existing user directories like LDAP or Microsoft Active Directory, enabling enforcement of intelligent access policies based on user context.
• MFA Policy Engine
  • Features a powerful and flexible policy engine for customizing the system to exact requirements, allowing determination of appropriate authentication methods for specific users or applications.
• Audit, Alert & Report
  • Logs all events and activities for auditing, accounting, and monitoring, generating reports for compliance or cyber threat assessment, and alerting administrators in real time on critical events via email or SMS.