Skip navigation
All Places > Products > RSA SecurID Access > Blog > 2019 > July
2019

Insight into Identity Confidence

With this latest release of RSA SecurID Access, organizations will be able to view up-to-date identity confidence analytics information through the Cloud Administration Console. The analytics page will provide information on how many users were deemed risky based on the Identity Confidence policies set by the organization and what factors contributed to that risky behavior across their user population.  

 

Enable Auto-Push for RADIUS additional authentication Use Cases

When additional authentication is required for RADIUS clients, end-users can receive automatic push notifications (approve or biometrics) without any additional user interaction, providing a convenient end-user experience.   This capability can be configured under the RADIUS configuration page in the cloud authentication console. 

 

Enhanced security of FIDO token enrollment

Securely enroll FIDO based authenticators using the RSA SecurID Access My Page self-service portal. The My Page self-service enrollment portal allows organizations to protect FIDO registration with an access policy that is aligned with the organizations’ existing policies. Organizations will be able to optionally disable the FIDO token registration for their end-users which automatically occurs during user authentication and instead enable policy-protected enrollment through My Page.

 

Improved deployment options and supportability enhancements for the identity router

  • Flexible deployment options for identity routers. The identity router supports transparent, explicit, and man-in-the-middle proxy configurations. The identity router will inform if a non-RSA SSL proxy certificate is configured, and allow to temporarily accept the certificate and proceed while the administrator works with the network IT to whitelist the URL.
  • Identity router setup has been simplified. The proxy interface, which is not required for non-SSO deployments, is disabled by default in the Identity Router Setup Console. Enable as needed for SSO deployments.
  • Quickly identify potential problems that might occur while setting-up and monitoring identity routers using the improved status indicators in the Cloud Administration Console. The Platform > Identity Routers list page will provide more details on the status of each identity router and its dependent services, including the status of clusters, memory usage, CPU usage, and cloud connectivity

IP Address Changes - Please Plan in Advance!

To align with Microsoft Azure Resource Manager deployment model changes, the Cloud Authentication Service and Cloud Administration Console IP addresses will be changing in September 2019. Organization’s deployments must be able to connect to both new and old IP addresses in September 2019.

 

RSA recommends that you start planning with your organization now to make the necessary changes to connect to these new IP addresses. If the firewall rules are not updated with the new IP addresses, the identity routers will not be able to contact the Cloud Authentication Service.  This will cause disruption in the service. For details, see Notice of Upcoming Cloud Authentication Service IP Address Changes.

RSA continues to strengthen its RSA SecurID Access Cloud Authentication Service with the July product release.  For further details on all the new and updated capabilities of the July release, please refer to the Release Notes.

Calling all RSA Authentication Manager (AM) customers!  Interested in enabling your end users to have a more convenient and secure modern multi-factor authentication experience?   Now is the time to act. 

 

What is really exciting, is that you can enhance the end user experience without disrupting or changing your existing authentication agent infrastructure.  Users can authenticate using their SecurID pin + mobile "push-to-approve" to existing SecurID agents such as VPN, PAM and RADIUS clients without the need to disrupt existing user populations. 

 

RSA has just announced the release of RSA Authentication Manager 8.4 Patch 4 which has several new features that provides an easy and efficient approach to adopting multi-factor authentication.     

  • Accelerate the time value by simply clicking on new wizard button:  From the AM console, super administrators can easily connect RSA Authentication Manager to the cloud authentication service and perform a test authentication for validation.  This process will require you to copy a Registration Code and URL from the Cloud Authentication Service into the wizard to establish a one-way secure SSL channel between AM and the Cloud Authentication Service.  For additional security, add a proxy server.  
  • Invite users to register for modern mobile MFA directly from the Manage Users page in the RSA Authentication Manager console:  A default email template is provided which can be customized to meet your internal communication requirements.  Simply select the users and an email will be sent that includes the URL to My Page the new RSA SecurID Access Self Service Page.  Establish a policy that requires your selected users to login to My Page.  Several options are available including using their existing SecurID token for added security.  Once in My Page, users can register their mobile device and download the Authenticate App.
  • Unified Management Console: Help Desk administrators can manage mixed token / MFA deployments through the enhanced unified management capabilities of the AM User Dashboard to rapidly troubleshoot and resolve end user calls.   

 

Four Easy Steps to get started now

  1. Contact your RSA Sales Representative or you RSA Channel Partner to get your RSA Cloud Tenant provisioned.   Take advantage of the free MFA Promotion currently available.
  2. Deploy the Cloud Authentication Service (IDR and Cloud Tenant); Connect the Identity Router component to the same Identity Source that your RSA Authentication Manager is connected to. 
  3. Enable the new SecurID Access My Page self-service console; Select a policy to access My Page
  4. Download and install RSA Authentication Manager AM 8.4 Patch 4.  Click on the “Configure the Connection: Button from the AM Security Console to create the secure channel and invite users to register and enroll.

 

For more information, click here:  Modern-MFA

Filter Blog