This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA SecurID® Access Discussions

Browse the SecurID Access discussion board to get product help and collaborate with other users of SecurID Access.
DavidPala2
Beginner
Beginner
‎2020-04-23 03:07 AM

Will RSA SecurID Access IDR OS be updated soon ?

Jump to solution

Dear All,

 

Trying to PoC the RSA SecurID Access solution, I have to conform to corporate processes.

One of them is the vulnerability scan of the IDR OVA appliance, once it's deployed.

 

As a result of the scan, I was told that the Operating System is obsolete, as it is : SUSE Linux Enterprise Server 11 SP4.

 

Getting a tour at SUSE Lifecycle reference : https://www.suse.com/lifecycle/ 

We get the following :

pastedImage_2.png

 

So right now, I am absolutely unable to deploy the IDR because of obsolete OS.

 

Has someone a solution for me...?      🙂

Or maybe, the IDR OS is about to be updated very soon ?

 

Another point is that SSH Server Public Key is too small.

To remediate this point, I have to delete the existing SSH server keys, then restarting it, but I was not able to become "root" on the Identity Router.

So my question is : is there a way to become "root" on an RSA SecurID Identity Router ? or any mean to be able to modify root-owed "system files" ?

 

Thanks in advance for helping !

 

Kind Regards,

David

Labels (1)
0 Likes
Reply
1 Solution

Accepted Solutions
TedBarbour
Employee
Employee
‎2020-04-23 12:54 PM

Jump to solution

Hi David Pala‌ - we do have plans to update the the underlying OS later this year.  In the mean time, we have LTSS on the current version which provides ongoing maintenance and security patches.

RSA will investigate and patch as necessary vulnerabilities reported via RSA customer support.

Also, as this is a proprietary "black box" appliance, you can contact customer support to assist with gaining root access if needed.

 

Thanks,

Ted

View solution in original post

Reply
2 Replies
TedBarbour
Employee
Employee
‎2020-04-23 12:54 PM

Jump to solution

Hi David Pala‌ - we do have plans to update the the underlying OS later this year.  In the mean time, we have LTSS on the current version which provides ongoing maintenance and security patches.

RSA will investigate and patch as necessary vulnerabilities reported via RSA customer support.

Also, as this is a proprietary "black box" appliance, you can contact customer support to assist with gaining root access if needed.

 

Thanks,

Ted

View solution in original post

Reply
DavidPala2
Beginner
Beginner
In response to TedBarbour
‎2020-04-24 03:12 AM

Jump to solution

Hi Ted Barbour‌,

 

Thanks for prompt answer !

For the LTSS subject, that is what I precisely answered the Security Team guy before posting, and I will now forward him your answer.

For the root access, thanks for the clue, I will raise a case by now.

 

Kind Regards,

David

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.