RSA Announces the November 2020 Release of RSA SecurID Access

Document created by RSA Product Team Employee on Nov 11, 2020Last modified by RSA Product Team Employee on Nov 20, 2020
Version 12Show Document
  • View in full screen mode

As part of continuous platform upgrades and improvements, this release includes security updates to the Cloud Authentication Service and identity router that help ensure that your organization is safe from security holes and vulnerabilities. RSA stays on top of security best practices by including strong encryption modules that are FIPS 140-2-compliant, and by hardening operating systems, to reduce the compliance burden for your company.

In the November release,  the identity router image available for download from the Cloud Administration Console is based on SLES 12 SP5. If you download and deploy this new identity router image, be aware of the following:

  • Certificates and keys you upload for SSO SAML applications and RSA SecurID Access Application Portal (domain certificate) in the Cloud Administration Console must each have a minimum key length of 2048 bits.
  • Signature algorithms RSA\SHA1 (rsa-sha1) and DSA\SHA1 (dsa-sha1) are no longer supported for signing SAML assertions for SAML applications in the RSA SecurID Access Application Portal.
If you choose not to download and deploy the new identity router image, you do not need to take further action. Identity routers will be updated according to the schedule provided in the Release Notes. These updates are software only and do not update the operating system to SLES 12 SP5.

The November 2020 release of RSA SecurID Access also includes the following new features and enhancements:

  • You can now view the total number of active users for the current and previous months using the Cloud Administration Console Dashboard. You can also collect usage data through the Cloud Administration Retrieve License Usage API for external trending analysis. Use this information to optimize your product usage, accurately forecast future needs, and meet compliance requirements. For more information see Usage Information.
  • You can disable the Remember This Browser prompt that appears during step-up authentication. After you disable it, users are never prompted to click Remember This Browser. For configuration instructions, see Configure Company Information and Certificates.
  • The Identity Confidence Dashboard now displays a graph that allows you to see a user's Confidence scores over a period of time. The graph helps you understand any trends in anomalous behavior for an individual user benchmarked against the behavior of all users. It also displays the top contributing factors that reduced the score for each access attempt where the user's identity confidence score was determined to be low in relation to the Confidence Threshold. For more information, see View User Risk Analytics and Track User Behavior Over Time.
EOPS Policy:RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.