About the Security Console

Authentication Manager includes an administrative user interface called the Security Console.

The following figure shows the Home page of the Security Console.

securid_security_console_home_screen.png

You use the Security Console for most day-to-day administrative activities, and for some setup and configuration tasks. For example, you use the Security Console to:

  • Add and manage users and user groups

  • Add and manage administrators

  • Assign and manage RSA SecurID tokens

  • Enable and disable users for risk-based authentication or on-demand authentication

  • Add and manage security policies

  • Add and manage authentication agents

  • Designate which network resources you want to protect

  • Connect Authentication Manager to the Cloud Authentication Service.

  • Deploy an embedded identity router.

During Authentication Manager Quick Setup, you define the User ID and password for the Security Console Super Admin account. The Super Admin permissions mean that this account can perform all tasks within Authentication Manager.

You also specify the initial User ID and password for the RSA Operations Console during Quick Setup. If you change the User ID or password for either the Security Console or the Operations Console in the future, the User ID and password for the other Console remains unchanged. These are separate accounts.

Log On to the Security Console

If this is the first logon after Authentication Manager Quick Setup, use the User ID and password provided during setup. If this is not the first logon, enter the credentials required by the Security Console.

You must log on to the Security Console in order to complete administrative tasks.

Note: Do not use the back button for your Internet browser to return to previously visited Console pages. Instead, use the Security Console navigation menus and buttons to navigate.

Procedure

To log on to the Security Console, open a supported web browser, and enter one of the following URLs:

https://fully qualified domain name

https://fully qualified domain name:/sc

https://fully qualified domain name:7004/console-ims

If the Security Console is protected with RSA SecurID, the SecurID PIN is not case sensitive.

Security Console Menus

Before you use the Security Console, make sure that you understand how to use these menus.

The Action Menu

Action menus are available on pages that show lists of objects. For example, an Action menu displays on the User page, which shows lists of users, and on the Administrative Roles page, which shows lists of administrative roles.

You use Action menus to perform actions on objects listed on the page. Actions available in the Action menus change depending upon which objects you select. For example, from the Action menu on the Administrative Roles page, you can select Assign to Administrators and Delete, and from the Action menu on the Users page, you can select options such as Add to User Groups, Assign Administrative Roles, and Delete.

The following figure shows the Action menu on the User Groups page.

securid_action_menu_example_2.png

The Context Menu

Context menus are available on pages that show lists of objects. To access the context menu, left-click on an object in the list of objects. For example, when you left-click on a user that displays in a list on the Users page, or a password policy that displays in a list on the Password Policy page, the context menu displays.

You use context menus to perform actions on objects listed on the page. Actions available in the context menus change depending upon which objects you select. For example, from the context menu on the User Groups page, you can select View or Add More, and from the context menu on the Users page, you can select User Group Membership and Administrative Roles.

The following figure shows the context menu on the User Groups page.

securid_context_menu_example_2.png

Search Fields That Are Not Case Sensitive

The Security Console has search utilities for users, user groups, user attributes, batch jobs, reports, administrative roles, policies, and security domains. The most commonly used search fields are not case sensitive. For example, the User ID field is not case sensitive. If you search users for User ID = admin, the search results include all User ID admin values, such as admin, Admin, and ADMIN.

The following list includes all search fields that are not case sensitive. Any fields not included in this list are case sensitive.

Users

  • User ID

  • Last Name

  • First Name

Batch Jobs

  • Name

Reports

  • Name

  • Last Modified By

User Groups

  • Name

Identity Attribute Definitions

  • Name

  • Category

Administrative Roles

  • Name

Password Policies

  • Name

  • Last Modified By

Lockout Policies

  • Name

  • Last Modified By

Self-Service Troubleshooting Policies

  • Name

  • Last Modified By

Risk-Based Authentication Policies

  • Name

  • Last Modified By

Security Domains

  • Name