Working in the Office of the CTO for VMware’s End User Computing BU is a lot of fun! I not only get to work with some cool new technologies and solutions, but I also get to talk to customers and vendors to understand their technologies and the directions that the EUC market is taking.
What I would like to share this time is the Indigo iDNA Strong Authentication working integrated with VMware View. iDNA allow users to authenticate against VMware View connection servers and/or security servers using biometric or touch card while providing seamless SSO (Single SignOn) and the ability to freely roam endpoints and desktops.
There is a lot that goes behind the scenes, but in simple terms Indigo has created their own strong authentication mechanism that takes place before the VMware View active directory domain authentication. Indigo services use AES-128 encryption for storing Indigo’s username, password, biometrics and touch card credentials. The biometrics is hashed and not stored as an image, making it impossible (ok, nothing is impossible, but almost impossible) to be cracked. The active directory credentials are also stored in Indigo’s secure service databases.
Once the initial authentication is established with Indigo services than Indigo will gracefully launch the VMware View client and pass the Active Directory credentials in a secure fashion using an in-memory hardened process. According to Indigo’s CTO the memory used for this process is randomly chosen from non-swappable memory blocks for higher degree of security.
iDNA is also available for iPADs, but it is not yet integrated with the iPad VMware View client. Wyse Pocket cloud can be utilized in conjunction with iDNA to provide access to the virtual desktops.
I am working with these guys in something bigger that I am not allowed to share at this point in time, but the standalone technology is very interesting and worth to be looked at. Please, pay attention to the following disclaimer: I am not endorsing the solution as it not yet certified by VMware but I am believe Indigo will be pursuing the certification process.
We recorded the video below with Thomas Rheineck, Indigo CEO, demonstrating the features of iDNA.
- PCoIP Zero Clients with Imprivata OneSign Authentication and USB2.0
- Addressing Self-Service Password Reset with VMware View 4.6
- How to Access Windows 8 CP via PCoIP with VMware View
- VMware View 4.6 PCoIP Software Gateway (PSG)
- Hardening VDI (VMView) Deployments
VMware View with Biometrics, SSO and Strong Authentication
Virtually anything about Clouds