Zyxel ZYWALL OTP specifcations

ł



Strong Two-Factor Authentication

Solution

ł



One Token for Many Applications

ł



No Expiration Date for Lower

Operating Costs

ł



Intuitive and Easy to Install,

Use and Manage

ł



Seamless Integration with ZyWALL

Security Products

Strong Authentication Solution with OTP

Benefits

Strong Two-Factor Authentication Solution

The starting point of security is to ensure that only authorized people can remotely access the protected network

applications and resources. Given enough time for attempts, it’s relatively easy for unauthorized intruders to crack

a static password. With a one-time password, the risk can be greatly reduced by constantly altering the

combination. The ZyWALL OTP authentication token is a chip-based, 6-digit numeric PIN to be used alongside a

password for strong two-factor authentication. The ZyWALL OTP solution includes an ASAS server for back-end

OTP authentication, and it can be easily integrated with existing ZyWALL security solutions.

One Token for Many Applications

The ASAS server is a network security application that provides LAN, Web, VPN, and remote access with strong

authentication capability; it resides on the network and is managed by network administrators, while the ZyWALL

OTP is operated on client computers. Together, they provide highly robust one-time password authentication to

protect network resources; the most common implementation using the two-factor authentication technology is

remote VPN authentication. Working with the powerful RADIUS-standard ASAS server, ZyWALL OTP token can be

used universally in the authentication processes of LAN, Web and OWA applications.

No Expiration Date for Lower Operating Costs

Nobody likes tokens that expire quickly, and validity of merely a year is simply not enough. Expired tokens can

cause inconvenience since administers need to reconfigure the user setting and re-issue new tokens. With the

concern in mind, ZyXEL put a heavy-duty battery inside the ZyWALL OTP to prevent tokens from premature

expiration. As a result, the availability of the tokens can be extended to as long as 3 years.

One-Time Password for
Two-Factor
Authentication

zywall
otp

Intuitive and Easy to Install, Use and Manage

There are various ways to implement the authentication schemes. However many small-to-medium businesses,

enterprises and organizations need a two-factor authentication system that is easy to understand, install and

administer; and it must be reliable once installed. With the combination of driverless ZyWALL OTP tokens and an

ASAS server, this solution provides everything needed to deploy the two-factor authentication capability into

network environments.

Seamless Integration with ZyWALL Security Products

The ZyWALL OTP can be easily deployed along with ZyWALL security products, including ZyNOS ZyWALL, ZLD

ZyWALL, SSL10 and integrated into the existing network infrastructure. These combinations provide customers

with Two-Factor Authentication, an optimum security methodology, to significantly elevate the safety level of the

authentication process.

Specifications

Zy

r

LAN

et

Intern

System Specifications

Chip-based Authentication Token

• NAT Mode

• DMZ Mode

• Driverless

OTP Number Generation

• OATH Algorithm

• 160-bit

Supported Software

• Remote Access ( With Authenex ASAS

Authentication Server):

- SSL VPN

- VPN with: OTP-capable VPNs

- Dial-up to a remote server with RADIUS

- Web access with RADIUS

• Authentication Interoperability

- Network Login for MS Windows 2000 and XP

- Secure Web Access (MS Internet Explorer)

Application Diagram

ASAS Server Software

• OATH Algorithm

• RADIUS Standard Server (ASAS Server)

• Easy Administration via Web Management GUI

• Easy to Integrate into the existing Network

Infrastructure

• Use a Web browser to manage ASAS anytime,

anywhere

ASAS Server Requirements

• Hardware:

- CPU: Pentium-compatible CPU

- RAM: 512 MB or Higher

- Disk Space: 10 Gigabytes free Hard Disk space

(after OS)

• Software:

- Operation System: Microsoft Windows 2000

and 2003 Server Edition

- Service Packs: Microsoft Windows 2000

Service Pack 3 or above

jackyliu

zyxel

130201

Hardware Specifications

• On-board security Processors: support

- AES Advanced Encryption Standard: 128-bit

- SHA-1

• Display (LCM): 6-digital Numeric LCD display

• Power: Internal battery

• Casing: Polycarbonate

Physical Specifications

• Dimensions: 55 (W ) x 25 (D) x 12.2 (H) mm

• Weight: 13 g

Environmental Specifications

Operation Environment

• Temperature: 0°C ~ 50°C

• Humidity: 20% ~ 95%

Storage Environment

• Temperature: 10°C ~ 50°C

• Humidity: 20% ~ 95%

Authorized Partner
Authorized Customer

Employee Laptop in
Airport Kiosk or in Hotel

ZyWALL OTPZyWALL OTPZyWALL OTP

Employee on
Home Computer

ZyWALL OTP ZyWALL OTP ZyWALL OTP

Employee on
Home Computer

Employee Laptop in
Airport Kiosk or in Hotel

Authorized Partner
Authorized Customer

1

2

Encrypted

3

6

Decrypted

Email

Server

File

Share

BI

System

OA, ERP System

CRM System

WAN

ZyWALL

LAN

Web-based
Application

Remote
Desktop

XEL/Authentication Serve

Application Server
(Inventory, Store...)

Network

Extend

1

User initiates

2

Prompts for user credentials

3

User supplies credentials

RADIUS client send credentials

4

RADIUS server responds with Accept, Reject, or Challenge

5

If successful, RADIUS client allows user to access network

6

RADIUS

SECRET

4

5

For more product information, visit us on the web www.ZyXEL.com

Copyright © 2007 ZyXEL Communications Corp. All rights reserved. ZyXEL, ZyXEL logo are registered trademarks of ZyXEL Communications Corp. All other brands,
product names, or trademarks mentioned are the property of their respective owners. All specifications are subject to change without notice.

65-100-010117G 06/07