Defender Tokens
Quest offers the widest range of tokens on the market – software, hardware and web-based – to meet your diverse authentication needs.
View now »

Defender

Secure, Affordable & Achievable Two-Factor Authentication

Quest Defender enhances security by enabling two-factor authentication & multi-factor authentication to network, Web and applications-based resources. Quest Defender uses the scalability and security of Active Directory for identity storage and management, enabling administrators to use their existing skill set to manage two-factor authentication and eliminating the costs and time involved in setting up and maintaining proprietary databases. 

Defender enables the full lifespan of hardware tokens—typically 5-7 years—and offers software tokens that NEVER expire. In addition, Defender’s user self-registration and ZeroIMPACT migration capabilities ease the rollout of two-factor authentication for both administrators and users.

Features

Active Directory-centric – Use the scalability, security and compliance of Active Directory to provide a two-factor authentication to any system, application or resource taking advantage of the corporate directory already in place, instead of creating an additional proprietary one. User token assignment is simply an additional attribute to a user’s properties within Active Directory.

Web-based Administration – Provide Defender administrators, help desk administrators and end users options for token management, token deployment, real-time log viewing, help desk troubleshooting and access to reports using the Web-based Defender Management Portal.

Token Self-Registration – Enable users to request and/or receive a hard or soft token based upon pre-defined administrator policy. Then quickly and easily assign that token to their account through a unique, secure mechanism. The Token Deployment System removes the entire administrative burden and associated costs of conventional manual token assignment

Help Desk Troubleshooter – Enable Defender and help desk administrators to troubleshoot, diagnose and resolve user-authentication-related problems with just a couple of mouse clicks from any Web browser. View a current list of authentication attempts and routes, with associated results, possible reasons for failures and one-click resolution steps. In addition, user account details and assigned tokens are also displayed with the ability to quickly test, reset the pin or provide a temporary token response, as well as reset or unlock the account.

Token Flexibility – Take the simple path to two-factor authentication regardless of the preferred token vendor or mobile device. Defender supports any OATH-compliant hardware token and has relationships with several major token vendors, enabling you to choose the best token for your organization. Defender also offers a wide range of software tokens for the most popular and widely deployed mobile platforms. And by offering a universal software token license, the administrator can easily reissue the appropriate device license when a user decides to switch mobile platforms.

Secure Webmail Access – Enable secure Web-based access to your corporate email system from any Web browser, anytime, anywhere with Quest Webthority, a reverse proxy solution included with Defender. In addition you can require Defender token use for access to ensure appropriate authentication regardless of access point.

ZeroIMPACT Migration – Undertake a gradual migration to Defender from an incumbent legacy authentication solution with ZeroIMPACT. With Defender and the legacy system running side-by-side, all user authentication requests are directed to Defender. If the user is not yet defined within Defender the authentication request is transparently passed, via the proxy feature, to the incumbent authentication solution. This allows administrators to migrate users to Defender as and when their legacy tokens expire with virtually no overhead from an administrator or end-user perspective.

Encryption – Associate a Data Encryption Standard (DES) with the Defender Security Server to enhance security. Defender supports AES, DES or Triple DES encryption.

Pluggable Authentication Module (PAM) – Specify that services and users defined on your Unix/Linux systems will be authenticated by Defender with Quest’s Defender module for PAM.

Sys Reqs

Before installing Defender, ensure your system meets the following minimum hardware and software requirements:

Defender Security Server

Platform

Windows 2003
Windows 2008
Windows 2008 R2
Windows 2012

(Installation on 32 or 64-bit platforms is supported)

Memory512 MB
Hard Disk 
Space
2.3 MB. Additional space is required for log files.

Defender Administration Console

Platform

Windows 2003
Windows 2008
Windows 2008 R2
Windows 2012
Windows 7
Windows XP
Windows Vista

(Installation on 32 or 64-bit platforms is supported)

Memory128 MB
Hard Disk
Space
5.6 MB.
Additional 
Software
Microsoft Active Directory Administration Tools

Defender Management Portal

Platform

IIS8
Windows 2003
Windows 2008
Windows 2008 R2
Windows 2012

(Installation on 32 or 64-bit platforms is supported)

Memory1 GB
Hard Disk
Space
200 MB.  Actual requirement will depend on logging requirements and number of DSS in use. Default settings will require a minimum of 1GB per DSS
Additional SoftwareInternet Information Services 6 or 7

Note: Clients require Internet Explorer 7 or higher.

Videos

Docs

Datasheets

Defender back to top