Trellix- SAML Relying Party Configuration - RSA Ready Implementation Guide
2 years ago

This article describes how to integrate RSA with Trellix using SAML Relying Party.
 

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as Relying Party to Trellix.
Procedure
  1. Sign in to the RSA Cloud Administration Console.
  2. Navigate to the Authentication Clients menu, and from the dropdown, select Relying Parties.image.png
  3. In the Relying Party Catalog, select Add a Relying Party and click Add for Service Provider SAML.image.png
  4. On the Basic Information page, enter a name for the application in the Name field and click Next Step.image.png
  5. In the Authentication tab, select SecurID manages all authentication.
  6. Select the Primary Authentication Method and Access Policy for Additional Authentication as required and click Next Step.image.png
  7. To provide Service Provider details, select Import Metadata, click the Choose File button, and select the file downloaded from the Service Provider.image.png
Refer to the Trellix Configuration steps to get metadata file.
  1. Assertion Consumer Service (ACS) URL and Service Provider Entity ID values will be auto filled.image.png
    1. SP signs SAML requests and Encrypt Assertion details will be auto filled.image.png
  2. In the SAML Response Protection section, select IdP signs assertion within response, and download the certificate by clicking Download Certificate.image.png
  3. Under the User Identity section, select Show Advanced Configuration, then configure Identifier Type and Property as follows: 
    1. Identifier Type: Auto Detect 
    2. Property: Auto Detect
image.png
  1. Click Save and Finish.
  2. On the My Relying Parties page, click Edit dropdown and select Metadata option to download the metadata.image.png
  3. Click Publish Changes to save your settings. After publishing, your application will be enabled for SSO.image.pngimage.png
 

Configure Trellix

Perform these steps to configure Trellix.
Procedure
  1. Log in to Trellix as an administrator.
  2. Click the profile icon at the top right corner and select Identity Provider from the dropdown menu.image.png
  3. Click the Enable identity provider SSO toggle to enable SAML SSO.
  4. Provide the following details:
    1. Issuer: The value of entityID, obtainable from the metadata file downloaded from the RSA platform.
    2. Certificate: Upload the certificate downloaded from the RSA platform.
    3. Login URL: The value of SingleSignOnService, obtainable from the metadata file downloaded from the RSA platform.
  5. Click Save.
image.png
  1. Next to SAML Metadata, click Download to download the Trellix metadata file for RSA configuration.image.png

The configuration is complete.
Return to Trellix- RSA Ready Implementation Guide

Related Articles

Trending Articles

Don't see what you're looking for?