000033958 - Public proxy IP address usage and RSA Adaptive Authentication for eCommerce Back Office applications

Document created by RSA Customer Support Employee on Sep 28, 2016Last modified by RSA Customer Support on Jun 14, 2018
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000033958
Applies ToRSA Product Set: Adaptive Authentication for eCommerce
RSA Product/Service Type: Back Office
 
IssueFor security and compliance reasons, access to all RSA Adaptive Authentication for eCommerce (AAeC) Back Office applications is limited by IP whitelist restrictions, in addition to ID and password, to ensure connectivity to the sites is possible only from authorized parties.

The IP addresses of a pubic proxy such as Forcepoint are shared between organizations that use the public proxy. Therefore, adding the IP addresses of a public proxy to an RSA Adaptive Authentication for eCommerce whitelist nullifies the spirit of IP whitelist restrictions because the IP addresses do not provide the added assurance of the connecting party.
TasksOrganizations who use a public IP proxy should ensure their staff does not use the public proxy's IP addresses when accessing the RSA Adaptive Authentication for eCommerce Back Office applications.  Only dedicated public IP addresses may be added to an RSA Adaptive Authentication for eCommerce IP whitelist.
Resolution A proxy bypass can be configured to ensure that only the organization's dedicated public IP addresses are used when connecting to RSA Adaptive Authentication for eCommerce Back Office applications.
NotesFor more information on IP whitelisting in RSA Adaptive Authentication for eCommerce, refer to the following article:  Why am I unable to access RSA Back Office applications and analytics reports in RSA Adaptive Authentication for eCommerce?

Attachments

    Outcomes