BioNetrix Update Tells Who Logs In—And How

Works with more devices; no remote management.

BioNetrix Systems Corp.s updated suite of software monitors a wide range of authentication methods - be they smart cards, passwords or biometric devices - for the Windows environment, offering easy manageability and cross-pollination of authentication in network environments.

Released in March, BioNetrix Authentication Suite 4.0 ranges from $50 to $200 per user, depending on the size of the deployment.

The updated suite works with more devices than the previous version, supports tokens from Rainbow Technologies Inc., has an easier GUI for administrators than the previous version, provides logging features using Crystal Decisions Inc.s Crystal Reports and allows role-based delegation of administration rights to types of users or groups, which can be helpful in large organizations.

The BioNetrix software does not work in Unix, Solaris or Linux environments and does not have the flexibility of remote management. The support of authentication devices has grown and is abundant for fingerprint, voice and face recognition devices, but support for devices that recognize a users iris and signature is more limited. The only tokens supported are those from Rainbow. A complete list of supported authentication devices is available at the companys Web site,

With so many authentication methods in use in heterogeneous network environments that demand high security, daily administration can be frustrating and time-consuming. The BioNetrix suite did a good job monitoring a variety of authentication methods in eWeek Labs tests.

A strong competitor of BioNetrix is Keyware Technologies Inc., which offers Centralized Authentication Server for managing a mix of authentication methods in a single product.

Centralized Authentication Server has many of the same features as BioNetrix Authentication Suite 4.0 and is compatible with many authentication devices.

But the BioNetrix suite offers better logging capabilities with Crystal Reports and an easier user interface for administrators.

eWeek Labs tested BioNetrix Authentication Suite on a system using Windows 2000 Advanced Server and running Microsoft Corp.s SQL Server 7.0 database, which BioNetrix recommends for storage of user identification data. (The suite comes with the Microsoft Database Engine, a scaled-down version of SQL Server that has limited capabilities.)

We installed the client software on several PCs running Windows 98, NT and 2000 Professional. Installation was a step-by-step process, providing all the information necessary to start managing log-ins.

We connected several different biometric authentication devices to the client PCs, including a fingerprint scanner and a camera for iris and face recognition, and also used tokens.

The GUI, called Administration Manager, was easy to use, and with Crystal Reports? templates, it was simple to generate and print real-time logs tracking authentication activity.

Whats Inside

BioNetrix Authentication Suite consists of Administration Manager; Authentication Server; Database Manager; Enterprise Authentication Client, which provides authentication services to Windows-based applications; and Web Authentication Client, which provides authentication services to Web-based applications.

The Administration Manager GUI allows one or more administrators to create and manage policies that direct authentication methods to control user access to information and applications. We used this interface to set the level of security for various applications and to manage the type of authentication method users needed for those applications.

Authentication Server assists in performing user verification and the management of applications, groups, policies, users and identities. This component is installed only on the server and must be running before the clients are installed because all clients are connected to it. Authentication Server works with Database Server to verify user identity against an authentication template stored in the database (in our case, SQL Server).

Database Manager allows a system administrator to define primary and secondary servers to facilitate failover and houses applications, groups, identities, methods and policies.

The BioNetrix clients can be installed on computers running any Windows operating system. The client interface prompts users to authenticate their identity using the methods set up by the administrator.