RSA SecurID® Access Release Notes for RSA Authentication Manager 8.2 SP1

Document created by RSA Information Design and Development on Aug 8, 2018Last modified by George Spagnoli on Aug 17, 2018
Version 6Show Document
  • View in full screen mode

 

 

   

RSA Authentication Manager 8.2 SP1 includes the following new features and enhancements:

  • Cloud Authentication Service users can access on-premise resources protected by SecurID agents.
  • Remotely restore original system settings to an RSA SecurID Appliance 250 hardware appliance
  • Numerous additional improvements described below.
  • Documentation changes
  • Upgrade path from version 8.2

Cumulative patches are available for Authentication Manager. For the most recent update, see RSA Authentication Manager 8.2 SP1 Downloads.

Remotely Restore Original System Settings to an RSA SecurID Appliance 250

For disaster recovery on the RSA SecurID Appliance 250 hardware appliance, you can remotely restore the original hardware appliance system image. This release qualifies remotely restoring the version 8.2 SP1 original system image, but any version 8.2 or later system image can be restored. A hardware appliance ISO image is provided on RSA Download Central.

On an RSA SecurID Appliance 250, you must have configured the integrated Dell Remote Access Controller (iDRAC) or the Intel Remote Management Module (RMM), or else you can only restore the original system image locally. The original system settings can only be restored locally on the RSA SecurID Appliance 130 because this model does not include a port for remote access.

For instructions, see Hardware Appliance System Image Installation.

Additional Improvements for RSA Authentication Manager

RSA Authentication Manager contains the following additional improvements. 

                                   
ImprovementDescription
Download and save network settings

On a primary or replica instance, you can download a text file that lists the network settings for that instance.

You can save this information, and refer to it if you need to restore the original system image on a hardware appliance or if you need to replace a virtual appliance.

RSA RADIUS upgradeThe upgraded RSA RADIUS software uses the Transport Layer Security (TLS) 1.2 cryptographic protocol, instead of SSL 3.0, for RADIUS replication ports, such as port 1813, TCP.

Microsoft Active Directory Lightweight Directory Services 2012 R2

Microsoft Active Directory Lightweight Directory Services 2012 R2 (AD LDS) is qualified to run as an external identity source with RSA Authentication Manager.

Authentication Manager supports Active Directory Lightweight Directory Services (LDS) servers if the same server does not also have an Active Directory Domain Controller role. If a server has an Active Directory Domain Controller role, select that identity source type when connecting the identity source to Authentication Manager.

Workflow provisioning included with Authentication Manager Base or Enterprise license

Workflow Provisioning is now a non-licensed feature and available at no additional cost. This feature automates workflows for distributing authenticators and allows users to perform many provisioning tasks from the Self-Service Console.

On-Demand Authentication (ODA) tokencode length

You can choose either 6 or 8 digits as the character length for ODA tokencodes generated by RSA Authentication Manager. The default value is 8. For instructions, see the Help topic “Change the Character Length for On-Demand Authentication Tokencodes.”

Transfer ODA data between deployments

The Export Tokens and Users page in the Security Console allows you to specify whether to export ODA data. Users configured for ODA authentication can continue using ODA features when you import the data to another deployment.

RSA Authentication Manager Product Documentation Changes

RSA Authentication Manager 8.2 Service Pack 1 guides and Help systems were updated for this release. For the most recent documentation, see the RSA Authentication Manager 8.2 SP1 documentation page.

In addition, the documentation includes the following changes.

                               
Guide or Help SystemDescription

Operations Console Help and Security Console Help

Help Desk Administrator’s GuideIncluded in the combined Help. The Help Desk Administrator Reference Help topic includes links to the most common Help Desk Administrator tasks.
SNMP Reference Guide
  • Available in HTML format on RSA Link instead of in a PDF file.
Troubleshooting GuideAvailable in HTML format on RSA Link instead of in a PDF file.
Administrator's GuideShorter and more usable. This guide focuses on the information that is most commonly requested, such as system maintenance, troubleshooting, and replica instance promotion. All of the information that was removed from this guide is included in the Help.

Note:  The Developer’s Guide and the software development kit (SDK) are located in the Extras download kit, rsa-am-extras-8.2.1.0.0.zip, from Download Central.

Upgrading from RSA Authentication Manager 8.2

RSA Authentication Manager 8.2 can be upgraded to version 8.2 SP1. A direct migration from RSA Authentication Manager 6.1 or RSA Authentication Manager 7.1 is not supported. Instead, do the following:

                       
DeploymentUpgrade Path
VMware virtual appliance
  • Migrate to RSA Authentication Manager 8.1
  • Upgrade to RSA Authentication Manager 8.1 SP1
  • Upgrade to RSA Authentication Manager 8.2
  • Upgrade to RSA Authentication Manager 8.2 SP1
Hyper-V virtual appliance
  • Migrate to RSA Authentication Manager 8.1 SP1
  • Upgrade to RSA Authentication Manager 8.2
  • Upgrade to RSA Authentication Manager 8.2 SP1
Hardware appliance
  • Migrate to RSA Authentication Manager 8.1
  • Upgrade to RSA Authentication Manager 8.1 SP1
  • Upgrade to RSA Authentication Manager 8.2
  • Upgrade to RSA Authentication Manager 8.2 SP1

    Note:  Some RSA SecurID Appliance 3.0 hardware appliances can be upgraded and do not require new hardware. For instructions on how to determine if you can upgrade a particular appliance, see the RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 on Existing Hardware.

RSA Authentication Manager 8.2 SP1 includes the software fixes in the cumulative Patch 3 for version 8.2. Applying version 8.2 SP1 removes any software fixes that are not included in the cumulative Patch 3 for version 8.2. To obtain these fixes, you must apply version 8.2 SP1 patches as they become available.

For the upgrade instructions, see Appendix A, “Upgrading to RSA Authentication Manager 8.2 SP1” in the RSA Authentication Manager 8.2 SP1 Setup and Configuration Guide.

Note:  The upgrade to RSA Authentication Manager 8.2 SP1 is not reversible. If SP1 is not applied successfully, you cannot roll back to version 8.2. Before applying SP1, RSA strongly recommends backing up your deployment in one of the following ways: using the Back Up Now feature in the Operations Console of the primary instance, backing up a hardware appliance with PING, taking a VMware snapshot, or creating a Hyper-V checkpoint.

Fixed Issues

RSA Authentication Manager 8.2 Service Pack 1 (SP1) includes the fixes that were provided in Patches 1 through 3 for RSA Authentication Manager 8.2. For the complete list of the issues that were resolved, see the RSA Authentication Manager 8.2 Patch 3 Readme.

Known Issues

For a list of known issues for RSA Authentication Manager 8.2 SP1, see RSA Authentication Manager 8.2 Service Pack 1 Known Issues.

 

 

 

 

 

Attachments

    Outcomes