Configure Identity Router Security LevelsConfigure Identity Router Security Levels
Security levels determine the cipher requirements that the identity router enforces when connecting to users and components in your RSA SecurID Access deployment. On the Platform > Certificates and Encryption > Encryption Settings page of the Cloud Administration Console, you can view cipher requirements for incoming and outgoing connections, and modify the security level for incoming and outgoing connections.
The default security level is High. When you select a security level, the new setting applies to all identity routers.
The security level you select for incoming connections must support at least one cipher that is compatible with the load balancers and web browsers that connect to the identity router. The security level you select for outgoing connections must support at least one cipher that is compatible with web servers, which connect to the identity router. For example, if a web browser used by your organization does not support any of the ciphers from the Medium level, but supports one of the additional ciphers available at the Low level, you can set the security level to Low to ensure compatibility with that browser. RSA recommends using the highest security level that supports the components you need to connect.
Before you begin
- You must be a Super Admin in the Cloud Administration Console.
- Determine the highest incoming security level that includes the ciphers necessary to communicate with all web browsers and load balancers in your deployment. For security level cipher requirements, see Security Levels and Identity Router Connection Ciphers .
- In the Cloud Administration Console click Platform > Certificates and Encryption > Encryption Settings.
- From the Security Level drop-down menu in the Incoming Connections section, select the security level to use for connections between browsers or load balancers and the identity router.
- From the Security Level drop-down menu in the Outgoing Connections section, select the security level to use for connections between the identity router and web servers for reverse proxy applications.
- Click Save Settings.
- (Optional) To apply the new settings immediately, click Publish Changes.