|Applies To||RSA Product Set: Adaptive Authentication for eCommerce|
RSA Product/Service Type: Back Office
|Issue||For security and compliance reasons, access to all RSA Adaptive Authentication for eCommerce (AAeC) Back Office applications is limited by IP whitelist restrictions, in addition to ID and password, to ensure connectivity to the sites is possible only from authorized parties.|
The IP addresses of a pubic proxy such as Forcepoint are shared between organizations that use the public proxy. Therefore, adding the IP addresses of a public proxy to an RSA Adaptive Authentication for eCommerce whitelist nullifies the spirit of IP whitelist restrictions because the IP addresses do not provide the added assurance of the connecting party.
|Tasks||Organizations who use a public IP proxy should ensure their staff does not use the public proxy's IP addresses when accessing the RSA Adaptive Authentication for eCommerce Back Office applications. Only dedicated public IP addresses may be added to an RSA Adaptive Authentication for eCommerce IP whitelist.|
|Resolution||A proxy bypass can be configured to ensure that only the organization's dedicated public IP addresses are used when connecting to RSA Adaptive Authentication for eCommerce Back Office applications.|
|Notes||For more information on IP whitelisting in RSA Adaptive Authentication for eCommerce, refer to the following article: Why am I unable to access RSA Back Office applications and analytics reports in RSA Adaptive Authentication for eCommerce?|