Very Computer

I am looking for a device allowing securid access via dial-in with
following requirements:
   1. securID logon;
    2.dial-in access;
    3. the device has no dependence on LAN, no such thing as ACE server.
The device should have token records itown and processor and RAM inside.

    4. RADIUS is excluded, because it relys on LAN.

We plan to purchase substantial quantity. We need solid quality. We know
two manufactures carry them in the market place: ACM100(no longer in
production) from RSA and Uniguard from CDI.

Thanks in advance.

When Security Dynamics first started about 10 years ago, the only product
they had was a hardware device that seems to fit your description.  It was
a device with a bunch of pairs of serial ports; you would connect a modem
to the incoming port, and the outgoing port would be connected to the
serial interface on a computer or terminal server.  When a user dialed up
it would send a login prompt and Passcode request to the modem line, and if
the user's passcode was validated it would then pass them through to the
outgoing port.  It had a floppy drive that was used to load user records.

We actually used this device as a server in my company.  Instead of
connecting the box to our modem pool, we connected one incoming port to our
firewall's serial port.  We wrote a function that would open the serial
port, send a username and passcode to it, and then read back the response
to see if it was accepted or rejected.  We then modified the login and ftp
programs on the firewall to prompt for passcodes and use this function to
validate them.

--

Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

        Given the patents involved in the SecurID time-synchronous design, I
think you will find only Communication Devices Inc.(CDI) can support the
ACE/SecurID authentication under the terms you specified.

        CDI's products ship "SecurID Ready" in a way that no other non-RSA
hardware can be. See: <http://www.commdevices.com/RSA_story.htm>

         RSA announced in March that it had chosen CDI to provide the new
generation of stand-alone hardware boxes to replace its discontinued
line of Access Control Modules: the ACM-100, ACM-400, and ACM-1600.

         For the past decade, RSA ACMs have been the dedicated remote-access
guardians for thousands of teleco switches, in the US and overseas.
There was a time when this was the defining market for Security
Dynamics, now RSA Security.

        CDI's UniGuard, MiltiGuard, and Port Authority products are designed,
like RSA's ACMs, to rely upon "out-of-band" management: dial-up POTS
telephone circuits, rather than TCP/IP network connections.  

        With direct support from RSA, CDI integrated RSA's ACE/Server
functionality and SecurID support into its products. The results are
documented at: <http://www.rsasecurity.com/support/guides/remote.html>  

        UniGuard and its siblings can be used out-of-the-box to authenticate
SecurID users and, through an RJ45 connector, allow secure dial-up
connection to almost any host console port: routers, firewalls, and PBX,
etc.

        Hope this is helpful.

                 Surete,
                         _Vin

PS. I've been a consultant to SDTI, and the RSA, for many years, so
please appropriately discount my comments and options for bias.

Vin McLellan
The Privacy Guild
Chelsea, MA USA