CSP Authenticator+ is a new multi-factor authentication solution for NonStop systems. It supports both primary and secondary authentication for NonStop. CSP Authenticator+ resides on the NonStop platform and uses an OSS “bridge” to connect via a RESTful interface to the Authenticator+ web server. This web server is self-hosted in a secure “sandbox” called a Docker Container, and can be hosted in any UNIX, Windows, MAC or Cloud environment. Each application can have its own Docker container environment if desired.
CSP Authenticator+ can provide authentication services via Safeguard Authentication SEEP, or Pathway and Non-Pathway servers.Almost any application, including TACL, can now easily support multi-factor authentication, which is a key compliance requirement.
Primary authentication methods supported include RADIUS, Active Directory, LDAP & RSA Cloud. Secondary (multi-factor authentication) methods supported include RSA SecurID, RSA Cloud, Email, Text Message and Google Authenticator. User information is securely loaded onto the web server via AES encryption and HTTPS protocols. No password information is kept on the web server; only the email address, SMS # or other token serial number associated with the users to whom multi-factor authentication may apply. The administrator is in control of which additional methods (one or many) are to be used and which users and applications must use multi-factor authentication.
CSP Authenticator+ can be used in various ways to provide authentication services:
Safeguard Authentication SEEP
In this mode, all login attempts by Guardian users that are normally processed against Safeguard are instead passed to the Authenticator agent, which in turn sends the login request to CSP’s MFA System. Based on a user’s configuration, CSP Authenticator+ may return prompts for RSA token value or issue other challenges such as an Email or SMS OTP.
Pathway or Non-Pathway servers
In this mode, login attempts through an application, including a Pathway application, are passed to the Authenticator+ agent, which in turn sends the login request to the CSP MFA system for secondary authentication.