hardware security in addtional to user /password for remote citrix connection

I am looking for a hardware key / or biometric solution for a few of my remote users of citrix applications which will provide additional security beyond user name /password. Detailed info will be appreciated .
Who is Participating?

They make the middleware most of the DoD uses & have complete system offerings as well.

As a sysadmin, I deal with the front side & back side of Active Directory authentication, various website authentication & digital signing/encryption in E-mail using the CAC's all the time. They aren't perfect, but generally pretty robust & not that hard to configure (as long as you have somebody who has a decent understanding of PKI).
The DoD uses smartcards with digital certificates on them, & it works pretty darn well. You will need a smart card reader & some middleware on each client accessing your system in addition to running a Certificate Authority (an installable roll on Windows). The digital certificate aspect is very standardized & well supported across many platforms & applications.


The other main player is the RSA keyfobs, I haven't administered them in years, but as a user, they annoy me. Typically they aren't that hard to install the server side authentication pieces you need.

I don't have that much faith in biometrics, there are just to many problems with error rates. Also, how do you force a user to "change their password" cut off their finger?
leop1212Author Commented:
are there vednors for Smartcard with complete solution?
Would be nice to hear  comments from current users of hardware solutions .
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.