Axiad Phishing-Resistant Authentication Package
  • 23 Aug 2024
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Axiad Phishing-Resistant Authentication Package

  • Dark
    Light
  • PDF

Article summary

What is Axiad Phishing-Resistant Authentication?

Leveraging the power of the Axiad Cloud, Axiad Phishing-Resistant Authentication (PRA) provides consolidated, consistent, and efficient passwordless and phishing-resistant MFA for end users, much like our Axiad MFA solution.

Axiad PRA goes even further than our Axiad MFA solution by delivering a broad range of enterprise-grade phishing-resistant methods (such as FIDO2 and Certificate-Based Authentication) to government-grade, phishing-resistant, strong hardware tokens, and conformance to standards (including user behavior validation).

How is It Useful?

Axiad Phishing-Resistant Authentication helps you address government mandates, and provide the highest level of authentication to privileged users and knowledge workers.

Package Details

Virtual Private Cloud

Feature

Description

Included

Virtual Private Cloud

A dedicated virtual cloud for your organization.

FIPS 140-2 Level 2 HSM partition

Encrypt your data with higher standards of security, including role-based authentication and tamper-evident physical devices.

Device authentication certificates

Up to 10 infrastructure authentication certificates.

Customer Success and Technical Support

Feature

Description

Included

Quarterly meeting with Customer Success Engineer

Meet with a Customer Success Engineer once per quarter.

Knowledge Center access

Self-service training and technical guidance.

Quarterly training webcast

Access to Axiad's quarterly training webcast.

Standard Technical Support

Access to Axiad's team of technical support agents Monday - Friday, 8am PST - 5pm PST.

Premium/Hypercare/Hypercare+ Technical Support

There are three levels of additional technical support available:

  • Premium support: Adds 24x7 technical support to the Standard support package.

  • Hypercare support: A premium support package for all Axiad Cloud packages.

  • Hypercare+ support: Our most comprehensive support package for Passwordless Orchestration and PKIaaS package customers.

Available at an additional cost. See Technical Support Packages for more details.

Credential Enrollment and Account Recovery Features

Feature

Description

Included

Axiad Unified Portal

View your organization's credentials and user base, run reports, recover accounts, and more from a single location.
For Entra ID users: A consolidated dashboard to view your Axiad Cloud and Entra ID authentication credentials in one place.

Axiad MyCircle

Enroll, renew, recover, and manage your coworkers' credentials, virtual smart cards, and authentication devices.*
*Based on your organization's security policies.

Axiad AirLock

Windows users can enroll, renew, and manage their own credentials, virtual smart cards, and identity devices. They can also self-service their own secure and passwordless account recovery.

Auditing and Risk Management

Feature

Description

Included

SIEM Connector

Send Axiad Cloud alerts and events to your organization's SIEM (such as Splunk or QRadar).

Reporting

Create report templates to view and manage your users' credentials.

Insights Dashboard
(coming 2024)

View at-a-glance Phishing Resistant MFA deployment metrics and progress indicators.

SOC2 Certification

SOC 2, developed by the American Institute of CPAs (AICPA), is a voluntary compliance standard based on security, availability, processing integrity, confidentiality, and privacy.

FedRAMP

FedRAMP standardizes security requirements for the authorization and ongoing cybersecurity of cloud services in accordance with FISMA, OMB Circular A-130, and FedRAMP policy.

Available at an additional cost

Application Multi-Factor Authentication

Feature

Description

Included

Axiad Cloud as an authentication service

Extend your primary IDP with Axiad Cloud Authentication Service via FIDO2, 0AUTH OTP, and/or secure push notifications.

RADIUS Server

Remote access servers can communicate with Axiad to securely authenticate dial-in users, and authorize their access to requested systems or services.

Extend your IAM with Certificate-Based Authentication/PKI

Enable Axiad's Certificate-Based Authentication within your existing IAM infrastructure. Available with different integrations such as Entra ID, Okta, PingOne Identity, and others upon request.

Passwordless PIV (Personal Identity Verification) credentials

Passwordless support for applications that can accept credentials for certificates, X509, PIV, and CAC.

Axiad Cloud as your primary identity provider

Make Axiad your primary authentication provider with third-party SAML/OpenID connections.


Identity Provisioning

Feature

Description

Included

SCIM integration


Integrate with Entra ID, Okta, PingOne Identity, and more to securely synchronize users from your IAM solution into Axiad Cloud.

OnPrem Microsoft integration

Connection to your OnPrem Microsoft Active Directory.

Available through Axiad Professional Services

User Authentication Methods

Feature

Description

Included

Traditional authentication methods

Hardware/Software OTP (TOTP, HOTP)

Axiad ID Mobile App (secure push notification)

The Axiad ID (Mobile Authenticator App) leverages asymmetric cryptography push notifications. There are no shared secrets with this method.

Phishing-Resistant Methods

FIDO2

FIDO2 removes passwords and shared secrets from the login workflow.

Certificate-Based Authentication

Certificate-Based Authentication for your Gemalto/IDEMIA Smart Cards, Virtual Smart Cards (Windows+TPM), and YubiKeys.

Windows Hello for Business users

Axiad Cloud extends Windows Hello for Business capabilities.

Advanced PKI

No Advanced PKI are available for this package. See the Axiad Cloud Package Comparison article for packages that include these features.

Feature

Description

Included

Secure email and documents

Enable email and document signing and encryption.


Custom certificates

Support for custom certificate policies.


Machine identity management

Manage your PKI certificates for WiFi access, network access control, domain controllers and web server authentication, Virtual Machine integrity, trusted devices (endpoint authentication), and DevOps tools/code signing.


Public PKI

Issue and manage publicly trusted certificates. We support FBCA (for federal clients) and WebTrust (for enterprise clients).


OnPrem PKI

PKI integration with an existing Microsoft certification authority (AD CS).



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.