Deploying an IPv4/IPv6 Authentication Agent

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Feb 12, 2018
Version 3Show Document
  • View in full screen mode

Before an authentication agent can communicate with RSA Authentication Manager, you must deploy the agent.

Before you begin 

  • Determine whether the authentication agent is restricted or unrestricted. For more information see Authentication Agent Types.

  • (Optional) Define IPv6 network settings on the primary and replica instances. IPv4/IPv6 authentication agents can use IPv4 or IPv6 addresses. If you are using IPv6 addresses, RSA strongly recommends configuring IPv6 network settings on more than one instance. Multiple instances provide deployment-level redundancy and failover authentication, if an instance becomes unresponsive.

    For instructions, see the Operations Console Help topic “Create IPv6 Network Settings on a Primary or Replica Instance.”


  1. Use the Security Console to generate a configuration file for the agent. This allows the agent to locate Authentication Manager servers. For instructions, see Generate the Authentication Manager Configuration File.

  2. Use the Security Console to add a record for the new agent to the internal database. In this step, you can specify whether you are creating a restricted agent. The agent record identifies the agent to RSA Authentication Manager. This process is called registering the agent. For instructions, see Add an Authentication Agent. IPV4/IPv6 agents cannot register automatically. You must add them manually.

    Note:  You can create a single logical agent to reference multiple physical agents. For example, you can create a logical agent called Finance Laptop that can be used for multiple physical agents. This reduces the overhead required to maintain agents.

  3. Configure an IPv4/IPv6 Agent.