Authentication Agent Types

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Feb 12, 2018
Version 3Show Document
  • View in full screen mode

When you deploy an agent, you specify whether the agent is unrestricted or restricted.

Unrestricted agents. Unrestricted agents process all authentication requests from all users in the same deployment as the agent.

However, to allow a user to authenticate with a logon alias, the user must belong to a user group that is associated with the logon alias and that is enabled on the unrestricted agent.

Restricted agents. Restricted agents process authentication requests only from users who are members of user groups that have been granted access to the agent. Users who are not members of a permitted user group cannot use the restricted agent to authenticate. Resources protected by restricted agents are considered to be more secure because they process requests only from a subset of users.