Certified: August 22, 2019
Solution Summary
This section describes the ways in which Forescout can integrate with RSA SecurID Access.
Use Cases
RADIUS proxy - Forescout acts a RADIUS proxy between a Cisco ASA and RSA SecurID Access. Should an endpoint or user match a Forescout control policy, Forescout rejects any additional authentication attempts from the user.
Integration Types
RADIUS integrations provide a text driven interface for RSA SecurID Access within the partner application. RADIUS provides support for most RSA SecurID Access authentication methods and flows.
Supported Features
This section shows all of the supported features by integration type and by RSA SecurID Access component. Use this information to determine which integration type and which RSA SecurID Access component your deployment will use. The next section contains the steps to integrate RSA SecurID Access with Forescout for each integration type.
Forescout Integration with RSA Cloud Authentication Service
| Authentication Methods | Authentication API | RADIUS | Relying Party | SSO Agent |
|---|---|---|---|---|
| RSA SecurID | - | - | - | |
| LDAP Password | - | - | - | |
| Authenticate Approve | - | - | - | |
| Authenticate Tokencode | - | - | - | |
| Device Biometrics | - | - | - | |
| SMS Tokencode | - | - | - | |
| Voice Tokencode | - | - | - | |
| FIDO Token | n/a | n/a | - | - |
Forescout Integration with RSA Authentication Manager
| Authentication Methods | Authentication API | RADIUS | Authentication Agent |
|---|---|---|---|
| RSA SecurID | - | - | |
| On-Demand Authentication | - | - | |
| Risk-Based Authentication | n/a | - | - |
| Supported | |
| - | Not supported |
| n/a | Not applicable |
| n/t | Not yet tested or documented, but may be possible. |
Configuration Summary
The following links provide instructions on how to integrate Forescout with RSA SecurID Access.
This document is not intended to suggest optimum installations or configurations. It assumes the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and Forescout components must be installed and working prior to the integration.
Integration Configuration
Certification Details
Date of testing: August 7, 2019
RSA Cloud Authentication Service
RSA Authentication Manager 8.3, Virtual Appliance
Forescout 8.0
Known Issues
No known issues.
