Technical Specifications

The following technical specifications are required for deploying the Mi-Token multi-factor authentication Enterprise Edition only. For technical specifications regarding our API & Cloud Services, or Banking Editions, please contact us.

Mi-Token Enterprise Edition leverages off several key Microsoft Windows components. These include Network Policy Server (NPS) as its RADIUS server, Internet Information Services (IIS) to serve the centralized reporting website and the soft token provisioning websites, and Active Directory Lightweight Directory Services (LDS) as its database for token seed storage.

As such the typical Mi-Token multi-factor authentication installation solution will require the following:

+ Server for Mi-Token Radius

  • Same domain as the user accounts
  • Windows 2008, 2008R2, 2012 or 2012R2 (64bit)
  • 1.4 GHz Dual-Core CPU
  • 1024 MB RAM
  • 20 GB hard disk space
  • Mi-Token supports the use of virtualization – Vmware, Xen, or Hyper-V.

COMPONENTS FOR WINDOWS 2008 and 2008R2

  • Network Policy and Access Services role with the Network Policy Server
  • Active Directory Lightweight Directory Services role
  • .NET Framework 4.0

COMPONENTS FOR WINDOWS 2012 and 2012R2

  • Network Policy and Access Services role with the Network Policy Server
  • Active Directory Lightweight Directory Services role
  • .NET Framework 4.5

COMPONENTS FOR WINDOWS 2016

  • Network Policy and Access Services role with the Network Policy Server
  • Active Directory Lightweight Directory Services role
  • .NET Framework 4.6

Note that when installing Mi-Token on a domain controller or member server, domain administrator rights are necessary.

+ Infrastructure for Reporting and Soft-Token Deployment

  • SQL Server 2008 or higher
  • IIS
  • ASP.NET
  • .NET framework 4.0+
  • Windows Authentication
  • IIS compatibility mode
  • Access to a SMTP
  • Server for Soft-Token provisioning via email
  • Access to a SMS Gateway for Soft-Token provisioning via SMS

+ Remote Access Devices that Support the Radius Protocol

There are several ways you can use the Mi-Token multi-factor authentication solution to protect your business, clients and intellectual property. We have been known to integrate with the following devices and software solutions:

  • SSL VPN / Firewall devices (Juniper, Cisco, Palo Alto etc)
  • Outlook Web Access (via ADFS or Mi-Token plug-in for Microsoft Exchange
  • Sharepoint via ADFS
  • Remote Desktop Services via ADFS
  • Windows Domain Login (via pGina)
  • Web Applications (using our web API)
  • Custom Applications (using our custom API)
  • Linux authentication using PAM

+ Firewall Configuration

  • Between remote access device and RADIUS servers, UDP 1812 (RADIUS)
  • Between management PCs and RADIUS servers
  • ADAM/LDS LDAP ports
  • Between replicating RADIUS servers
  • ADAM/LDS LDAP ports
  • RPC endpoint mapper (TCP 135)
  • Dynamic RPC ports (TCP 1024-65535 by default although configurable)

+ Administration Tool for PC's

  • Windows 7, 8, 8.1, 10
  • MMC 3.0, available via download from Microsoft, or natively available on Windows
  • Can also be installed on RADIUS servers themselves