Smart Card Authentication Configuration | Parallels Blog

What is Smart Card Authentication?

A smart card is a microcontroller-based card, like credit cards that can generate, store, and operate on cryptographic keys. Because they offer a flexible and secure way to authenticate entities, smart cards are commonplace in high-security networked environments.

But what exactly is smart card authentication? Well, smart card authentication is a two-factor authentication system that involves the use of a smart card. A smart card authentication-enabled platform validates the identity of a user by using two components: a smart card and the PIN. The PIN acts as a secret key for authenticating the user to the system.

In this post, we walk you through a four-stage setup process on how to use smart card authentication with Parallels® Remote Application Server (RAS).

Stage 1: Smart Card Setup Prerequisites

Before Parallels Remote Application Server can authenticate users with smart cards, the system must be configured correctly according to the prerequisites listed below.

Note: The configuration of these prerequisites may vary depending on the smart card vendor.

Stage 2: Test the Setup

After the prerequisites are configured, a test is required to verify that the smart card authentication configuration in Stage 1 has been set up correctly. This test will attempt to authenticate with the RDP server from a Windows machine using a smart card.

If configured correctly, the remote desktop session should be established without prompting for authentication. If the test is successful, move to Stage 3, otherwise revisit the configuration prerequisites outlined in Stage 1.

Stage 3: Configure Parallels Remote Application Server for Smart Card Authentication

Install the Parallels Remote Application Server Publishing Agent on a Windows server joined to the smart card domain configured in Stage 1, point 1. The Terminal Server Agent should be pushed to the RDP server referenced in Stage 1, point 3. At this stage the Parallels Remote Application Server will be set up to authenticate users via smart cards.

Stage 4: Configure Parallels Client

Smart card authentication configuration is supported on the Parallels Clients for Windows and Linux. In this example, the Parallels Client for Windows will be configured to authenticate with Parallels Remote Application Server via smart card.

Applications and desktops published from Parallels Remote Application Server are now listed. Click to access any of these resources without being prompted for credentials.

How to Configure a Smart Card Authentication

Congratulations! You have successfully logged in using smart card authentication configuration.

Try a free 30-day trial of Parallels RAS today.


References

TechTarget | http://searchsecurity.techtarget.com/tip/Security-token-and-smart-card-authentication

Microsoft | https://technet.microsoft.com/en-us/library/cc732116(v=ws.11).aspx

Tech-FAQ | http://www.tech-faq.com/understanding-and-implementing-smart-card-authentication.html

Wikipedia | https://en.wikipedia.org/wiki/Smart_card

Parallels | https://www.parallels.com/products/ras/capabilities/security-monitoring/