RSA is excited to announce the release of RSA Authentication Manager (AM) 8.8, a major milestone that streamlines cloud adoption and strengthens modern multi-factor authentication (MFA). This release delivers a host of new features and enhancements designed to boost security, improve flexibility, and simplify identity management.

New Features and Enhancements

Advanced Authentication for RADIUS Clients

Authentication Manager now offers enhanced authentication settings for RADIUS clients to support:

• Cloud MFA Integration: AM now supports advanced authentication settings for RADIUS clients, enabling seamless integration with Cloud Multi-Factor Authentication (MFA) when connected to Cloud Authentication Service (CAS). This feature allows administrators to manage authentication flows effectively across global and local deployments.
• Per-Client Code Matching Toggle: Administrators can now enable code matching for Approve and Device Biometric methods per RADIUS client, offering customization within Hybrid High Availability (HA) environments.
• Password-Based Authentication: Now supports password + step-up authentication with enforced lockout policies for added protection.
• Hybrid HA Support: Ensures uninterrupted access during CAS outages by supporting cloud MFA failover.

PingDirectory Support

Authentication Manager now integrates with PingDirectory (v10.0.0.2) as an identity source, enabling centralized identity management, high availability, and seamless integration with your existing ecosystem.

UEFI-Compatible Web Tier Installation

Authentication Manager Web Tier can now be deployed on virtual machines using UEFI firmware, offering better security, faster performance, and improved manageability aligned with modern IT standards.

Mandatory Company-Specific URLs

To enhance access control and user experience, the system now requires company-specific URLs. Non-company-specific URLs will be blocked. Admins should ensure configurations are updated accordingly.

TLS 1.3 for Secure Communication

Authentication Manager now defaults to TLS 1.3, delivering faster, more secure communication between AM components and external systems. TLS 1.2 remains supported for backward compatibility.

SMTP Over TLS for Secure Email Delivery

Authentication Manager SMTP now natively supports TLS, addressing regulatory, security and compliance requirements. Many cloud email providers, including Google Workspace and Microsoft 365, mandate TLS for SMTP client submissions.

Multiple MFA REST API Key Support

Support for multiple MFA REST API keys allows for secure, flexible communication between Authentication Manager and its agents—ideal for high-security environments or multi-agent deployments.

Operating System Upgrade

Authentication Manager is now powered by SUSE Linux Enterprise Server (SLES) 15 SP4, offering enhanced performance, support, and long-term stability.

Features and Enhancements from AM 8.7 SP2 Patches

Authentication Manager  contains the new features and enhancements from version 8.7 SP2 Patches 1, 2,3,4, and 5.

Upgrade Authentication Manager

You can apply the Authentication Manager 8.8 upgrade to any hardware appliance or virtual appliance that has 8.7 SP2 software installed. Follow the standard steps to apply an Authentication Manager update from your web browser, a Windows shared folder, an NFS share, or a DVD or CD.

Note: The hardware image of 8.8 and hardware appliance with pre-installed 8.8 image are scheduled to be released later.

EOPS Policy

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.