Mi-Token Prerequisites for Windows 2008 / 2008R2
Mi-Token Enterprise Edition leverages several key Microsoft Windows components. These include the Network Policy Server (NPS) as its RADIUS server, Internet Information Services (IIS) to serve the centralized reporting website and the soft token provisioning website, and Active Directory Lightweight Directory Services (LDS) as a database for metadata and token seed storage.
Note: (1) Mi-Token Enterprise Edition does not modify the Active Directory schema.
(2) Mi-Token does not require a 'dedicated' server, unlike most other vendors.
As such, the typical Mi-Token installation solution will require the following components:
Basic Server Requirements for Mi-Token RADIUS
- Windows 2008 or 2008 R2 (32bit or 64bit) software requirements
- Network Policy Server with Network Policy and Access Services role enabled
- Active Directory Lightweight Directory Services
- NET 3.5 SP1
- Same forest as the user accounts
- Domain Administrator Rights
- Administration Tools for PCs
- Minimum hardware requirements:
- 1.4 GHz CPU
- 1024 MB RAM
- 25 GB hard disk space
- Mi-Token supports the use of virtualization.
- Firewall Configuration Considerations
- RADIUS Authentication (UDP 1812)
- Between management PCs and RADIUS servers:
- ADAM/LDS LDAP ports (TCP 5000 by default)
- Between replicating RADIUS servers:
- ADAM/LDS LDAP ports (TCP 5000 by default)
- RPC endpoint mapper (TCP 135)
- A set of replication ports (2 configurable ports, TCP)
- Just some of the myriad devices and situations which can be secured with Mi-Token
- SSL VPN / Firewall devices (Juniper, Cisco, etc)
- Outlook Web Access (via Internet Security and Acceleration Server (ISA) / TMG (Threat Management Gateway))
- Windows Domain Login (via GINA / Credential Provider)
- Linux Login (via PAM-RADIUS)
Actual performance will depend greatly on your environment. For example, on how many users are authenticating concurrently, network/disk performance and Domain Controller performance. Mi-Token recommends benchmarking and stress testing the entire system to gauge more precise requirements.
Optional Requirements for Reporting and Soft-Token Deployment
- SQL Server 2005, 2008, 2008 R2 or Oracle 10g
- IIS 6, 7 or 7.5
- Asp.net
- Windows Authentication
- IIS 6 Management Compatibility
- SMTP service to provision soft-tokens