Deployment Architectures

SurePassID makes it easy to deploy MFA wherever needed – no matter what the deployment architecture

  • On-prem and air-gapped systems for IT/OT systems and critical infrastructure
  • Private clouds (data center and hosted) including GCC High
  • Embedded and containerized



In this era of IT/OT convergence and cyberattacks on critical infrastructure, on-prem MFA across segmented OT networks is more important than ever. Whether you have ICS or SCADA systems to lock down, manufacturing shop floors to secure, or simply want to avoid data persistence in the cloud, being able to deploy your MFA solution on-prem is vital.

SurePassID Authentication Server is the highly secure, highly extensible MFA solution which is easily installed on-prem as a server or virtual machine (VM):

  • .msi for Windows Server 2008, 2012, 2016, 2019, 2022
  • Authentication Services Virtual Machine (Hyper-V)

SurePassID also offers a comprehensive suite of on-prem MFA integrations and tools, including:

  • On-prem FIDO2/WebAuthn
  • On-prem SAML 2.0 IdP
  • On-prem OpenLDAP


Private Cloud (Data Center and Hosted)

Private clouds mitigate the risks associated with cloud gateways, firewall misconfiguration, and storage of sensitive data in the public cloud. SurePassID Authentication Server can create a GCC High private cloud deployment from an install script within minutes, adding MFA to Windows Logon Manager and any other operating system or application logons and securing Microsoft Azure and Amazon Web Services instances.

SurePassID offers multiple deployment options to accommodate your unique needs:

  • .msi for Windows Server 2008, 2012, 2016, 2019, 2022
  • Authentication Services Virtual Machine (Hyper-V)
  • Software-as-a-Service (SaaS) / Security-as-a-Service (SECaaS) for private clouds


Public Cloud

Public clouds and on-demand services are dangerously vulnerable to cyberattacks by ransomware gangs and hostile state actors. SurePassID Authentication Server is the highly secure, highly extensible solution for locking down the most complex cloud deployment architectures. SurePassID secures federated cloud apps via SSO, SAML 2.0 IdP, and OpenID Connect, as well as cloud platforms like Microsoft Azure and Amazon Web Services.

SurePassID offers multiple deployment options to accommodate your unique needs:

  • .msi for Windows Server 2008, 2012, 2016, 2019, 2022
  • Authentication Services Virtual Machine (Hyper-V)
  • On-demand service / Software-as-a-Service (SaaS) / Security-as-a-Service (SECaaS)
Pricing - SurePassID Cloud



Organizations deploying containers and containerized solutions face challenges in keeping their systems secure:

  • Containerization lacks host-based security tools like firewalls to support the detection of intrusions and malicious activity within the container.
  • Containerization lacks isolation from the host operating system (OS). If there is a vulnerability with the host kernel/OS, it will impact all containers.
  • Containerization lacks monitoring and remediation capabilities when instances are rebuilt repeatedly, allowing vulnerabilities and breaches to persist across instances.

SurePassID enables use of MFA to lock down every aspect of containerization:

  • Host OSes
  • All applications running in the container
  • APIs exposed to clusters or cloud
  • All container management applications
  • Docker
  • Kubernetes
  • Amazon Elastic Container Service (Amazon ECS)
  • Microsoft Azure Container Instances (ACI)



Embedded systems are designed to perform designated tasks while minimizing processing cycles and reducing memory usage, as there are no extra processing resources available. Standard multi-factor authentication (MFA) solutions typically require too much system overhead to run on embedded systems. Miniaturization of embedded devices and their increasing capabilities are only making this challenge more immediate.

SurePassID Authentication Server addresses this challenge with a tiny client app that runs on 8-bit, 16-bit, and higher chip set architectures. Taking up almost no system overhead, the app reaches back to a SurePassID server for multi-factor authentication services – on-prem, in the cloud, or in an IoT deployment architecture.


FAQs about SurePassID and our Authentication Server solution

  • Software-as-a-Service (SaaS)
  • Windows Installer Package (Microsoft Windows Server 2008/2012/2016/2019/2022)
  • Virtual Machine (Microsoft Hyper-V)
  • Container (Docker/Kubernetes, Microsoft ACI, Amazon ECS)
  • Serverless/Function-as-a-Service (FaaS)
  • Embedded (8, 16, or 32-bit microcontrollers)

Cloud deployments can occur same day. On-prem deployments will vary depending on the complexity of your requirements. Regardless, our Customer Success team is with you every step of the way.

SurePassID is the most hardened authentication solution on the market. Customers choose us because we specialize in securing user access to mission-critical IT/OT systems and critical infrastructure. We never stop innovating to protect our customers from evolving cyberthreats.

As a SAML 2.0 IdP, SurePassID easily and seamlessly integrates with any on-prem (e.g. Ping Identity) or cloud-only (e.g. Okta) IAM solution.

  1. Unmatched on-prem and OT capabilities
  2. Outstanding technical support
  3. Unbeatable value

Visit for a complete guide to SurePassID Authentication Server pricing and features.

Discover why leading enterprises choose SurePassID Authentication Server

Talk to one of our MFA experts about your unique requirements. Or request a demo and see how easy it is to secure your universe of apps with SurePassID Authentication Server.