Security vendor WatchGuard Technologies Inc. has entered the multifactor authentication (MFA) market with the release of a product called AuthPoint.
Available immediately worldwide, the new system is the company’s first entirely software-based solution and marks the first step in a wider strategic expansion beyond mostly hardware-based network and Wi-Fi security solutions.
AuthPoint is tailored specifically to the needs of SMBs, which according to Seattle-based WatchGuard generally regard MFA products as expensive, complicated, and hard to maintain. Indeed, 61 percent of respondents to a survey of IT managers and professionals at companies with under 1,000 employees conducted for WatchGuard by CITE Research said that MFA services are designed for large enterprises.
“We addressed all those issues with AuthPoint, bringing a solution that’s really cost-effective, very easy to manage, and you don’t need specialized people in the company to deal with it,” says Alexandre Cagnoni, director of authentication at WatchGuard.
A cloud-based solution, AuthPoint sends push notifications to lightweight iOS and Android mobile apps every time someone utilizes an end user’s login credentials. The user can reject illegitimate connection attempts with a single tap.
AuthPoint supports one-time passwords in addition to push messages. Users who need access to protected resources while offline can also scan a QR code to authenticate themselves.
According to Cagnoni, all three techniques are preferable to authentication schemes based on SMS text messages, which aren’t always available to mobile users, and can be spoofed or redirected by sophisticated attackers.
To further protect against unauthorized logins, AuthPoint comes with a feature called Mobile Device DNA that collects identifying information about a user’s smartphone and tablet every time they use the AuthPoint app. Drawing on that digital fingerprint, the system automatically rejects authentication attempts originating from an unrecognized device.
Technicians can administer AuthPoint deployments and view detailed reporting data via WatchGuard Cloud, a new multi-tenant online management portal. First previewed for ChannelPro in April at the RSA security conference in San Francisco, WatchGuard Cloud will gradually replace a series of presently separate consoles with a unified “single pane of glass” management experience.
“More and more, you’re going to see new applications and new solutions being ported or created for WatchGuard Cloud,” Cagnoni says.
AuthPoint subscriptions are available for one- and three-year terms, with discounts for bulk orders. Pricing begins at $2 per user per month for small, one-year purchases and drops to as low as $1 per user monthly when bought for three years in larger quantities.
Managed security service providers in WatchGuard’s partner program will soon be able to acquire AuthPoint licenses with the same “Pre-Pay Points” they currently use to provision managed security appliances rapidly.
All WatchGuard partners have access to unlimited trial deployments of the system.
AuthPoint is a stand-alone system that channel pros can deploy to any customer, regardless of which brand of firewall they use. WatchGuard plans to introduce new functionality linking its Firebox firewalls more tightly with AuthPoint than other authentication products, however.
“In the future, we’re going to add some features to Firebox which will make it even easier to integrate multifactor authentication to different applications,” Cagnoni says.
AuthPoint is based on technology WatchGuard acquired through its August 2017 purchase of authentication vendor Datablink Inc., of McLean, Va.
WatchGuard competitor SonicWall is branching out from security hardware to software and cloud-based solutions as well, including the Capture Client endpoint protection system, the Capture ATP sandbox service, and the recently introduced Cloud App Security offering, which provides real-time visibility into compliance and privacy risks associated with an end user’s cloud-based solutions.