Token security authentication, Securing network environments, Using the securid token card – Netopia R2020 User Manual

14-36 User’s Reference Guide

Token Security Authentication

This section discusses how to configure and use security authentication on the Netopia R2020.

Note: The security authentication feature only applies to Netopia R2020 models connecting over a dial-up line
using the PPP-PAP-TOKEN or PPP-CACHE-TOKEN authentication protocol.

Securing network environments

Unauthorized tampering or theft of information on internal networks causes serious ramifications, given the
reliance on information systems. Network abuse is a serious problem, complicated by the difficulty in detecting
the source of the abuses. An unauthorized user can gain access to networks and copy information without
leaving a trace.

Password protection is one solution, but static passwords are often insecure. They can be compromised,
allowing unauthorized users to disguise themselves as authorized users and enter supposedly secure systems.
However, a company called Security Dynamics™ has patented a security authentication technology to increase
network security.

SecurID is a two-factor authentication process to protect against unauthorized access. This dynamic user
authentication produces a randomly-generated security code mechanism that changes ever y 60 seconds. At
login, authorized users enter their password and the code displayed on their SecurID token card. While a
password may be compromised, the constantly changing access code, which requires the token card during
system use, bars unauthorized users from entering the network.

Using the SecurID token card

Each SecurID token card is programmed with an algorithm that ensures ever y code displayed is valid only for
that user at that par ticular time. The token card has a display that authorizes the individual user access to the
computer. Through this authentication system, the user’s identity is verified when the correct password and
current code are entered from the user’s token.

Personal identification number (PIN)

The user’s password is called a personal identification number, or PIN. The user enters the secret PIN from a
console connection, followed by the current code displayed on the token card. Then the access control module
must authenticate the token’s unique code in combination with the user’s secret PIN before access is granted.

Key Security Authentication Features of the Netopia R2020

As a remote device, the Netopia R2020 offers client/calling side security authentication. This feature allows
the Netopia R2020 to call a ser ver router and per form security card authentication. The router of the called
ser ver must have access to a ser ver with ACE software loaded on it.

To per form security card authentication, each user must have a security authentication token card and a PIN. In
addition, the user’s identifying information must reside on the remote ACE ser vers for authentication
negotiation to properly take place.