Axiad Phishing-Resistant Authentication Package
  • 01 Mar 2024
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Axiad Phishing-Resistant Authentication Package

  • Dark
    Light
  • PDF

Article summary

What is Axiad Phishing-Resistant Authentication?

Leveraging the power of the Axiad Cloud, Axiad Phishing-Resistant Authentication (PRA) provides consolidated, consistent, and efficient passwordless and phishing-resistant MFA for end users, much like our Axiad MFA solution.

Axiad PRA goes even further than our Axiad MFA solution by delivering a broad range of enterprise-grade phishing-resistant methods (such as FIDO2 and Certificate-Based Authentication) to government-grade, phishing-resistant, strong hardware tokens, and conformance to standards (including user behavior validation).

How is It Useful?

Axiad Phishing-Resistant Authentication helps you address government mandates, and provide the highest level of authentication to privileged users and knowledge workers.

Package Details

Virtual Private Cloud

FeatureDescriptionIncluded
Virtual Private CloudA dedicated virtual cloud for your organization.

FIPS 140-2 Level 2 HSM partition

Encrypt your data with higher standards of security, including role-based authentication and tamper-evident physical devices.
Device authentication certificatesUp to 10 infrastructure authentication certificates.

Customer Success and Technical Support

FeatureDescriptionIncluded
Quarterly meeting with Customer Success Engineer Meet with a Customer Success Engineer once per quarter.
Knowledge Center accessSelf-service training and technical guidance.
Quarterly training webcastAccess to Axiad's quarterly training webcast.
Standard Technical Support Access to Axiad's team of technical support agents Monday - Friday, 8am PST - 5pm PST.
Premium/Hypercare/Hypercare+ Technical Support

There are three levels of additional technical support available:

  • Premium support: Adds 24x7 technical support to the Standard support package.
  • Hypercare support: A premium support package for all Axiad Cloud packages.
  • Hypercare+ support: Our most comprehensive support package for Passwordless Orchestration and PKIaaS package customers.
Available at an additional cost. See Technical Support Packages for more details.

Credential Enrollment and Account Recovery Features

FeatureDescriptionIncluded
Axiad Unified PortalView your organization's credentials and user base, run reports, recover accounts, and more from a single location.
For Azure AD users: A consolidated dashboard to view your Axiad Cloud and Azure AD authentication credentials in one place.
Axiad MyCircleEnroll, renew, recover, and manage your coworkers' credentials, virtual smart cards, and authentication devices.*
*Based on your organization's security policies.
Axiad AirLockWindows users can enroll, renew, and manage their own credentials, virtual smart cards, and identity devices. They can also self-service their own secure and passwordless account recovery.

Auditing and Risk Management

Feature
Description
Included 
SIEM ConnectorSend Axiad Cloud alerts and events to your organization's SIEM (such as Splunk or QRadar).
ReportingCreate report templates to view and manage your users' credentials.
Insights Dashboard
(coming 2024)
View at-a-glance Phishing Resistant MFA deployment metrics and progress indicators.
SOC2 CertificationSOC 2, developed by the American Institute of CPAs (AICPA), is a voluntary compliance standard based on security, availability, processing integrity, confidentiality, and privacy.
FedRAMPFedRAMP standardizes security requirements for the authorization and ongoing cybersecurity of cloud services in accordance with FISMA, OMB Circular A-130, and FedRAMP policy.
Available at an additional cost

Application Multi-Factor Authentication

Feature
Description
Included 
Axiad Cloud as an authentication serviceExtend your primary IDP with Axiad Cloud Authentication Service via FIDO2, 0AUTH OTP, and/or secure push notifications.
RADIUS ServerRemote access servers can communicate with Axiad to securely authenticate dial-in users, and authorize their access to requested systems or services.
Extend your IAM with Certificate-Based Authentication/PKI

Enable Axiad's Certificate-Based Authentication within your existing IAM infrastructure. Available with different integrations such as Azure AD, Okta, PingOne Identity, and others upon request. 

Passwordless PIV (Personal Identity Verification) credentialsPasswordless support for applications that can accept credentials for certificates, X509, PIV, and CAC.
Axiad Cloud as your primary identity providerMake Axiad your primary authentication provider with third-party SAML/OpenID connections.

Identity Provisioning

Feature
Description
Included 

SCIM integration


Integrate with Azure AD, Okta, PingOne Identity, and more to securely synchronize users from your IAM solution into Axiad Cloud.

OnPrem Microsoft integrationConnection to your OnPrem Microsoft Active Directory.Available through Axiad Professional Services

User Authentication Methods

Feature
Description
Included 
Traditional authentication methods

Hardware/Software OTP (TOTP, HOTP)

Axiad ID Mobile App (secure push notification)The Axiad ID (Mobile Authenticator App) leverages asymmetric cryptography push notifications. There are no shared secrets with this method.
Phishing-Resistant Methods
FIDO2FIDO2 removes passwords and shared secrets from the login workflow.
Certificate-Based AuthenticationCertificate-Based Authentication for your Gemalto/IDEMIA Smart Cards, Virtual Smart Cards (Windows+TPM), and YubiKeys.
Windows Hello for Business usersAxiad Cloud extends Windows Hello for Business capabilities

Advanced PKI

No Advanced PKI are available for this package. See the Axiad Cloud Package Comparison article for packages that include these features.
FeatureDescriptionIncluded
Secure email and documentsEnable email and document signing and encryption.
Custom certificatesSupport for custom certificate policies.
Machine identity managementManage your PKI certificates for WiFi access, network access control, domain controllers and web server authentication, Virtual Machine integrity, trusted devices (endpoint authentication), and DevOps tools/code signing.
Public PKIIssue and manage publicly trusted certificates. We support FBCA (for federal clients) and WebTrust (for enterprise clients).
OnPrem PKIPKI integration with an existing Microsoft certification authority (AD CS).

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.