Backup Authentication Method for Risk-Based Authentication

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

RSA recommends that you set up a replicated deployment of Authentication Manager. A replica instance ensures high availability for risk-based authentication (RBA). If you do not use a replica instance, configure your web-based application to use a backup authentication method. A backup authentication method allows users to continue accessing network resources if Authentication Manager becomes unavailable or user authentication is unsuccessful.

When RBA is configured for your web-based application, Authentication Manager authenticates the user using the directory server and internal database in your environment. To ensure an effective backup method, plan to revert authentication configuration of the web-based application so that it authenticates users directly using the directory server.

The backup method that you use depends on your web-based application and the other products in your environment that are involved in user authentication workflow. Consider the following methods:

  • Use the original logon page for your web-based application.

    Redirect users to the original logon page, or replace the modified logon page with the original version.

  • Using your web-based application, create a backup method that is specific to the user population that uses RBA.

    Change the authentication workflow only for the user population, group, or domain that uses RBA.

  • Using your web-based application, create a backup method that is specific to the network resource that you are protecting with RBA.

    Change the profile or policy for the network resource that you are protecting with RBA.

For more information, see your agent documentation.

 

 


Attachments

    Outcomes