The July 2019 release of RSA SecurID Access provides the following features and benefits:
- Users can register FIDO Tokens in a more secure environment using RSA SecurID Access My Page. My Page allows you to protect FIDO registration with an access policy that you can align with your company’s existing policies. After you enable My Page registration for FIDO Tokens, the FIDO Token registration process that occurs
during user authentication automatically becomes disabled.
- The user experience for accessing RADIUS-based applications has been improved. Previously, automatic push notifications were not available when only the access policy was applied for additional authentication (without primary validation). These notifications are now available for this configuration.
- Identity router setup has been simplified for identity routers deployed in the VMware and Hyper-V
environments. The proxy interface, which is not required for non-SSO deployments, is disabled by default in the
Identity Router Setup Console. You can enable it as needed for SSO deployments.
- You can quickly identify potential problems that might occur when you set up and monitor identity routers using the improved status indicators in the Cloud Administration Console. The Platform > Identity Routers list page provides more details on the status of each identity router and its dependent services, including the status of clusters, memory usage, CPU usage, and cloud connectivity.
- More flexible deployment options for identity routers are available to you. The identity router supports transparent, explicit, and man-in-the-middle proxy configurations. The identity router informs you if a non-RSA SSL proxy certificate is configured, and allows you to temporarily accept the certificate and proceed while you work with your network IT to whitelist the URL.
- You can view up-to-date identity confidence analytics information by generating a report in the Cloud Administration Console. The report, provided in a graphical, easy-to-read format, displays the number of times users attempted to access resources that are protected by access policies that contain the identity confidence attribute. The report can include all users in your company or only individual users within a specified timeframe. This report is particularly useful to Help Desk Administrators when they assist users who, for example, may have to authenticate at a high assurance level because their identity confidence scores are low.
You must update your identity router software to take advantage of certain features. For details, see the Release Notes.
Urgent: Upcoming Cloud Authentication Service IP Address Changes
To align with Microsoft Azure Resource Manager deployment model changes, the Cloud Authentication Service
and Cloud Administration Console IP addresses will be changing in September 2019. Your deployment must be
able to connect to both new and old IP addresses in September 2019.
RSA recommends that you start planning with your organization now to make the necessary changes to connect
to these new IP addresses. If you do not update your firewall rules with the new IP addresses, your identity
routers will not be able to contact the Cloud Authentication Service and services will be disrupted. For details,
see Notice of Upcoming Cloud Authentication Service IP Address Changes.