Overview

ESET Secure Authentication adds Two-Factor Authentication (2FA) to Microsoft Active Directory domains or local area network, meaning a one-time password (OTP) is generated and provided along with the generally required username and password. Or a push notification is generated and has to be approved on the user's cell phone running Android OS, iOS, or Windows once the user has successfully authenticated using their general access credentials, or another authentication option is required.

Push notifications require Android 4.4, Google Play services 10.2.6 and later, or iOS.

ESA introduces multitenancy.

ESA Components

The ESA product consists of the following components (usually referred to as ESA Components):

•ESA Web Console, an all-in-one management tool, is used to configure ESET Secure Authentication, manage users and download installers

•The ESA Synchronization Agent

•The Windows Login plugin provides 2FA for Windows computers

•The Remote Desktop plugin provides 2FA for the Remote Desktop Protocol

•The RADIUS Server for VPN Protection adds 2FA to VPN authentication

•The Web Application plugins provide 2FA to various Microsoft Web Applications

•The Active Directory Federation Services (AD FS) plugin provides 2FA for Active Directory Federation Services

•The Identity Provider Connector

•The ESA Authentication Server includes a REST-based API that can be used to add 2FA to custom applications

Time Representation and Time Zones

All information is stored internally in ESA using the UTC (Coordinated Universal Time) standard. UTC time is automatically converted to the time zone used by ESA Web Console (taking daylight saving into account). ESA Web Console displays the local time of the system where ESA Web Console is running (not the internal UTC time).