000019837 - What is the difference between RSA ACE/Agent 5.x for UNIX and a Communications Server?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019837
Applies ToRSA ACE/Agent 5.x for UNIX
RSA ACE/Server
Communications Server
IssueWhat is the difference between RSA ACE/Agent 5.x for UNIX and a Communications Server?
Types of RSA ACE/Agent Hosts
Technical and functional differences among Agent Hosts
ResolutionBelow is a summary from page 86 for the "RSA ACE/Server 5.0 - Administration Manual":

There are five types of Agents in the ACE/Server architecture (listed below). Although similar in functionality, there are specific technical and functional differences among them. Hence, an agent of one type might not work properly when its corresponding agent record specifies the wrong type of agent.

1. Communication Server: Remote access server or network access server (NAS), router, or firewall produced by a company that integrates RSA ACE/Agent code into its devices.

The authentication procedure might take longer on a communications server agent. As a result, the Server will have to calculate a wider authentication window --compared to a UNIX or Net OS agent.

If ACE/Server RADIUS is being used, there must be two agents: a) one of type Net OS Agent for the RADIUS server and b) one of type Communication Server for the NAS. The Agent Record of the Communication Server will contain the RADIUS encryption key shared between the ACE/Server RADIUS and the NAS.

2. Single-Transaction Comm Server: A communication server, router, or firewall produced by a company that integrates RSA ACE/Agent code into its devices. It can perform only the standard Enter PASSCODE and PASSCODE Accepted or Access Denied dialog.

3. Net OS Agent:  Uses RSA ACE/Agent for Windows NT, Windows 2000, iPlanet Web Server, Domino Web Server, Novell NMAS, Novell NetWare Connect, or OpenVMS.

4. UNIX Agent: Uses RSA ACE/Agent for UNIX. After authentication, the sdshell included with this agent will use the default shell value to launch the corresponding UNIX shell for the user.

5. NetSP Agent: This agent is a Single-Transaction Comm Server, thus, it will send the node secret. However, it will not support the Next Token Code or New Pin modes. This is considered a legacy agent type and it is rarely used now.
Legacy Article IDa12522

Attachments

    Outcomes