Advanced Mobile Authentication for Citrix Storefront
We are happy to announce the release of the RSA Authentication Agent v2.0 for Citrix StoreFront. The Citrix Storefront agent is authentication software that provides Citrix StoreFront with a seamless authentication experience and additional mobile authentication methods for users inside and outside of the corporate firewall. For more details please refer to the Release Notes.
The March release for the RSA SecurID® Access Cloud Authentication Service is now available.
This month’s release contains the following features:
Reduce Digital Risk with Threat-Aware Authentication
Threat-aware authentication allows you to control whether high risk users are allowed to access protected resources or if these users must authenticate at a higher assurance level than other users. Users might be identified as high risk because their accounts have been compromised, or because a third-party security information and event management (SIEM) solution, such as RSA NetWitness, has found suspicious activity. Additional details can be found here - Drive Intelligent Access Decisions with Identity Insights and Threat Context to Reduce Digital Risk
Enhanced Policy Support for Multiple RADIUS Profiles
To accomodate the varied levels of privilege and policy across RADIUS clients, such as firewalls, VPN and others, RSA SecurID Access now supports multiple RADIUS profile configurations. You will be able to create custom RADIUS profiles that specify an access policy rule set to identify which users can authenticate through the clients associated with the profile. You will be able to associate multiple profiles with a single client, or the same profiles with multiple clients. More details on how to leverage multiple RADIUS profiles can be found here - Multiple RADIUS Profiles Provide Policy-Driven Granular Control
Improved Visualization of the Identity Router for Simplified Management
This release introduces improved visualization of the identity router status in the administrators cloud console to more quickly understand the root cause of any issues. Additional details can be found here - Troubleshooting Identity Router issues made easier
Improved Identity Router Troubleshooting
We have added capabilities to enabled debug logging on the identity router before it has connected to the clouds service. Previously you had to connect the identity router to the cloud service before you could enabled debugging. Additional details can be found here - Enhanced Troubleshooting Before You Connect to the Cloud
Add Users to the Cloud When You Need Them
Just-in-time user provisioning will sync the user to the cloud, at the time of first authentication, if they are in scope for the service. This allows new users to use the service even if they have not previously been synchronized to the cloud. We have enabled “just-in-time provisioning” by default for all new RSA SecurID Access customers. Existing customers will need to navigate to turn on just-in-time synchronization before they can leverage the feature. Additional details can be found here - Add Users to the Cloud Only When you Need Them
We are adding support for FIDO2 hardware tokens which use public/private key cryptography. FIDO2 can be used for step-up authentication as part of conditional Policy to get access to web applications using Chrome, FireFox and Edge browsers. We continues to allow in-line registration and management for this authenticator. RSA continues to evaluate FIDO as a convenient and secure way to authenticate. FIDO2 hardware tokens are now supported on more browsers (including mobile browsers). A full list of supported browsers can be found here - Cloud Authentication Service User Requirements
Role permissions for select administrator API commands
To ensure correct API role permissions – when you generate an administrator API key you will have to select either the helpdesk or super administrator role for that key. Some REST APIs will be limited only to the super administrator role. A full list of REST APIs can be found here - Manage the Cloud Administration API Keys
For further details on all the new and updated capabilities of the March release, please refer to the Release Notes here:
and product documentation here:
All of these enhancements make RSA SecurID® Access and even more convenient, pervasive and intelligent solution for your authentication needs.