Send SMS from Strong Authentication ServerTo build a highly secure corporate
IT system you can apply Strong Authentication Server as it provides
two-factor authentication. Practically
it means that one-time passwords are sent to mobile phones as SMS
messages and users can logon only with these passwords. This solution
assures a very high level of identity protection in the corporate IT
environment. To employ this solution, you need an application that is
able to provide SMS functionality. Such an application is
Ozeki NG SMS
Gateway that can be installed on your computer. This software product
will forward your messages to the mobile network over a GSM modem or an
IP SMS connection. By implementing Ozeki NG SMS Gateway you will ensure
an easy way for sending one-time passwords as SMS messages. Read this
article to find out how to adopt this solution in practice.
Fields of applications
Security is an essential issue in corporations as there are
more and more attacks on corporate networks. As these attacks keep getting more
advanced, prevention is becoming harder against them. Therefore, single-factor
authentication (username and password) is not enough for protecting purposes
any more. These user identity credentials can be easily lost or hacked. Strong
Authentication Server provides strong authentication solution for these security
problems though you can still improve its features to be more effective and
secure.
To achieve a more efficient security system, implement a stable SMS
gateway software such as Ozeki NG SMS Gateway
into the corporate IT network to provide SMS functionality. This SMS
solution allows to introduce one-time passwords that are sent as SMS messages
to the cellphone of the user who wish to logon the system. This efficient
method makes two-factor authentication possible.
Two factor authentication means, that a user types in his password, then he
receives an SMS text message to his mobile phone with a one-time security code
and he needs to enter it to complete the authentication. In this way you can
ensure that no unauthorized person will get access to your IT network
and corporate data. The security of these passwords are improved further by the
fact that they expire automatically after a short period of time if they are
not used.
If you decide to implement this solution you will gain a stable,
well-functioning and highly secure IT system based on Ozeki NG SMS Gateway.
Below this page you will find a step by step installation guide on how to
configure your system to achieve SMS extension.
Preconditions
To adopt this solution you will need a connection between the mobile network and your
system. You can establish this connection in two ways: using an Internet connection
or using a wireless connection by attaching a GSM phone or GSM modem to your PC. Please
check this website if you need some help for your decision: Internet based SMS connections
vs. GSM modem based (wireless) SMS connections. According to your decision, you will
different preconditions.
Preconditions for Internet based connection to the Mobile network
To establish the connection between your system and an SMS service provider via the Internet, you will need these devices:

Figure 1/a - Prerequisites for Ozeki NG SMS
Gateway IP SMS connection
With this type of connection you will need an SMS service provider
who provides access to its services and ensures Internet based SMS services. On our
webpage we have collected some providers to help you in your decision:
SMPP SMS Service
providers. After you have decided which provider and which service is the most
appropriate for you, you need to sign a contract and you will receive connection
parameters from your provider. Once you got the necessary parameters you can setup
your Ozeki NG SMS Gateway software.
Preconditions for wireless (GSM modem) connection to the Mobile network
With this type of connection all you need is a GSM modem or a GSM
phone and you can join it easily to your PC with a data cable. The GSM device will
be operated by your Ozeki NG SMS Gateway software and it will be able to handle SMS
messaging wirelessly. You will need the following components to use this type of
connection:
Figure 1/b - Prerequisites for Ozeki NG SMS
Gateway GSM modem connection
For GSM modem connection you will need the following components:
*The SIM card will come with a plan, that will
determine how much money you will spend on each SMS.
System architecture
After gathering all the prerequisites start to build your
SMS system that will operate in the following way: With SA Server, you can
enter your username and a password to log into the corporate system. A
one-time password is generated by the strong authentication device using
an encrypted algorithm. This generated password will be sent out as an SMS
message to Ozeki NG SMS Gateway through a HTTP request. The built-in webserver
of Ozeki NG SMS Gateway will accept the request and will send the SMS message
containing the one time password through a GSM modem attached to the computer
with a data cable. (If an Internet SMS service provider account is configured
in Ozeki NG SMS Gateway, it can also send the message over the Internet).
Figure 2 - Ozeki NG SMS Gateway - solution
for how to send SMS from Zenoss
Please note that it is more secure to send the one time passwords using a GSM
modem through the airwaves to the recipient, than through an Internet based
SMS service provider account, because it is significantly harder to intercept
an SMS message traveling through the air, than it is to intercept internet
traffic.
How to configure Strong Authentication Server SMS solution
To send SMS messages from SA Server with Ozeki NG SMS
Gateway, please follow the steps of this installation guide and watch our video
tutorial on the configuration of this solution:
First go to the admin portal of SA Server and login as
administrator user (Figure 3).
Figure 3 - Enter customer care portal
Click on "Manage SMS Profiles" link at "System Administration"
part (Figure 4).
Figure 4 - Manage SMS profiles
On the next page click on "Add an SMS Profile" icon (Figure 5).
Figure 5 - Add SMS profile
Then provide the following values on the next page:
Description: the name you wish to use (in our example it will be "Ozeki
SMS Profile")
Active Profile: check the box
Type:
URL:
http://127.0.0.1:9501/api?action=sendmessage&username=admin&password=abc123&recipient=
<RECEIVER_MSISDN>&messagetype=SMS:TEXT&messagedata=<CONTENT_MSG>
|
Expected Result: *
Active Proxy Server: Disabled
If it is finished click on "CREATE” button
(Figure 6).
Figure 6 - SMS profile settings
Click on "Manage Policies" menu item and then on "Create OATH
Policy" link (Figure 7).
Figure 7 - Create oath policy
Fill the form as follows:
Policy Name: the name you wish to use. In our example it is: "Ozeki SMS
Policy”
Device Mode: SMS
Then click on "CREATE” button (Figure 8).
Figure 8 - Oath policy settings
If the policy has been created click on "Manage Devices"
(Figure 9).
Figure 9 - Manage devices
In the appeared window click on "Create OATH Device" option
(Figure 10).
Figure 10 - Create oath device
Provide the settings of the created device in the following
way:
OATH Policy: the name of the created policy. In our example it is "Ozeki
SMS Policy"
Smart Card ID: the name you wish to use. In our example it is "ozekisms"
Shared secret: a number you do not forget
Then provide a date for "Activates" and "Expires" fields
If it is done click on "CREATE" button (Figure 11).
Figure 11 - Device settings
If the device has been created click on "Manage Users"
(Figure 12).
Figure 12 - Manage users
On the appeared window click on "Create User" (Figure 13).
Figure 13 - Create user
Provide the information about the user and do not forget
to provide a phone number for the user. If it is done click on "Create"
(Figure 14).
Figure 14 - User settings
Click on "Manage Devices" and search for the used devices.
Select the created device, in our example it is "ozekisms" (Figure 15).
Figure 15 - Oath devices
Specify the user you wish to use for the device then click on
"Update" (Figure 16).
Figure 16 - Assign to user and update
Then click on "Activate" button (Figure 17).
Figure 17 - Activate device
Provide the User ID and password under "Request OTP by
SMS Instructions" submenu at user portal and click on "Submit" button
(Figure 18).
Figure 18 - Request OTP by SMS
Then you get the one-time password in SMS (Figure 19).
Figure 19 - Sent message in Ozeki NG SMS
Gateway The received password can be provided at the "One-Time
Password" part of User Login window (Figure 20). Finally click on "Login"
to enter the website (Figure 21).
Figure 20 - Enter OTP
Figure 21 - Successfully logged in
Conclusion for Strong Authentication Server SMS solution
To get a highly secure corporate IT system in which corporate
data and information are protected from intruders, build a powerful SMS system
based on Ozeki NG SMS Gateway! This software product with Strong Authentication
Server will provide the demanded protection of your IT system. To enrich the
above mentioned features this solution will also prevent unauthorized users to
get access to your system, as one-time passwords are sent only to the mobile
phones of the intended people. In this way you will get a stable, reliable, and
well-working protection system at the highest quality.
Choose a competitive solution for your company to ensure success on the
market!
|