Introduction to the Advanced Authentication Modes Module

The Advanced Authentication Modes Module (AAMM) enables organizations increase adherence to security policies with advanced multifactor authentication features.

The features listed below are activated by the AAMM:

  • Common Access Card (CAC) Authentication - EFT has a broader scope of coverage of Common Access Card (CAC) for PIV, which includes support for the PrincipleName or UPN identifier format and the more generalized RFC822Name support. In EFT, CAC is only available on LDAP-authenticated sites.

  • RADIUS for User Authentication - Radius allows for integration with third-party solutions, such as SMSPASSCODE for text message verification as a second factor during authentication.

  • RSA SecurID - EFT is compatible with RSA’s Authentication Manager (AM), version 8.1, for multi-factor authentication in conjunction with Globalscape, LDAP, and ODBC-authenticated sites. Globalscape is also an "RSA Secured" partner.

  • SAML (Web SSO) Authentication with Just In Time (JIT) provisioning - The HTTP and HTTPS protocols in EFT provide the SAML 2.0 Web SSO profile with HTTP POST binding and corresponding user interface controls for enabling and configuring SAML for achieving Single Sign On (SSO) for Web-based authentication.

  • Multifactor authentication via email or SMS for client logins - Multifactor authentication is the process of verifying the identity of a user in which the user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism.