SecurID® Authentication Manager 8.7 Release Notes (June 2022)

SecurID® Authentication Manager 8.7 delivers compelling features that make it faster and easier to take the journey to modern multifactor authentication and the Cloud. It includes the following new features and enhancements:

For additional information, see:

For a complete list of product documentation, see the SecurID Authentication Manager Documentation page.

To receive notifications about changes to this page, sign in to RSA Link and select Subscribe.

Cloud Migration for SecurID 700 Hardware Tokens

SecurID® Authentication Manager (AM) 8.7 enables easy migration of SecurID 700 hardware tokens to the Cloud Authentication Service (CAS). Administrators can decide which tokens to migrate and which tokens to retain within AM, based on multiple factors. They can then provision and manage these tokens directly from CAS for existing and new users.

For the migrated tokens:

  • Administrators can then manage them using the Cloud Administration Console without impacting their on-premises infrastructure.

  • AM 8.7 will still be able to manage authentication for these tokens if CAS is unreachable.

Authentication Manager OS Upgraded to SUSE Linux Enterprise Server 12 SP5

Authentication Manager OS is upgraded to SUSE Linux Enterprise Server 12 SP5, fully supported until 2027. Note that AM 8.6 or earlier is on SUSE Linux Enterprise Server 12 SP3, for which the LTSS ends on 30 Jun 2022.

Oracle WebLogic Server Upgrade

To provide customers with a fully supported WebLogic server, AM 8.7 is packaged with the Oracle WebLogic Server 12.2.1.4. Note this upgrade was also delivered as part of AM 8.6 Patch 1.

Internal Use Only am-client jar - AM Admin SDK Contains an Internal Jar

You would see an extra jar in am-extras artifact inside {am_extras_87_directory}/experimental/lib/ in AM 8.7. This is for internal and future use only and has no bearing to any current and past integrations. It should not be used for any purposes.

Upgrading from SecurID® Authentication Manager 8.6

You can apply the AM 8.7 upgrade to any hardware appliance or virtual appliance that has AM 8.6 software installed. Follow the standard steps to apply an Authentication Manager update from your web browser, a Windows shared folder, an NFS share, or a DVD or CD.

Each virtual appliance must have at least 9.5 GB of free disk space if you are upgrading through your web browser. You must have minimum 6 GB of free disk space if you are upgrading from a Windows shared folder, an NFS share, or a DVD or CD.

Update Source Minimum Required Disk Space
Web browser 9.5 GB
Windows shared folder 6 GB
NFS share 6 GB
DVD or CD 6 GB

 

AM 8.7 contains the new features and enhancement from AM 8.6 Patch 1. For more information, see the SecurID Authentication Manager 8.6 Patch 1 Readme. The fixes and enhancement from 8.6 Patch 2 and later will be included in future 8.7 patches. For upgrade instructions, see the SecurID Authentication Manager 8.7 Setup and Configuration Guide.

Upgrading from Version Prior to SecurID® Authentication Manager 8.6

To upgrade from version prior to AM 8.6, you must first upgrade to AM 8.6 and then to AM 8.7. For instructions, see the SecurID Authentication Manager 8.7 Setup and Configuration Guide.

Note: If you are using a Windows share, RSA Authentication Manager 8.4 and later requires the SMBv2 or SMBv3 protocol. SMBv1 is no longer supported.

Upgrading an Existing Deployment that Does Not Yet Use Azure or Amazon Web Services

You can upgrade an existing deployment that is not yet using the Azure Cloud or Amazon Web Services (AWS) Cloud.

The Azure virtual appliance supports a mixed deployment of Cloud and on-premises appliances. To upgrade an existing deployment that is not yet using the Azure virtual appliance, do the following:

  1. Sign into RSA Link, and download rsa-am-update-8.7.0.0.0.zip.

  2. Upgrade to AM 8.7.

    For instructions, see the SecurID Authentication Manager 8.7 Setup and Configuration Guide.

  3. Deploy the new AM 8.7 replica instances in Azure.

  4. To move your primary instance into Azure, promote a replica instance, and delete your existing primary instance.

    If the new primary instance and the replica instances are out-of-sync, you must synchronize each out-of-sync replica instance in the primary instance Operations Console.

The Amazon Web Services (AWS) virtual appliance supports a mixed deployment of Cloud and on-premises appliances. To upgrade an existing deployment that is not yet using the AWS virtual appliance, do the following:

  1. Sign into RSA Link, and download rsa-am-update-8.7.0.0.0.zip.

  2. Upgrade to AM 8.7.

    For instructions, see the SecurID Authentication Manager 8.7 Setup and Configuration Guide.

  3. Deploy the new AM 8.7 replica instances in AWS.

  4. To move your primary instance into AWS, promote a replica instance, and delete your existing primary instance.

    If the new primary instance and the replica instances are out-of-sync, you must synchronize each out-of-sync replica instance in the primary instance Operations Console.

RSA Authentication Agent Support

RSA authentication agent software packages are available on the SecurID Documentation & Downloads page. AM 8.7 continues to support your authentication agents that use the UDP protocol.

REST protocol authentication agents, such as RSA Authentication Agent 2.0 or later for Microsoft AD FS, RSA Authentication Agent 8.0 or later for PAM, and RSA MFA Agent 2.0.1 or later for Microsoft Windows can use AM 8.7 as a secure proxy server for the Cloud Authentication Service.

You may also purchase products that contain embedded RSA authentication agent software. The software is embedded in a number of products, such as remote access servers, firewalls, and web servers. For more information, go to the RSA Ready Partner website.

Fixed Issues

AM 8.7 contains the new features and enhancement from AM 8.6 Patch 1. For more information, see the SecurID Authentication Manager 8.6 Patch 1 Readme. The fixes and enhancement from 8.6 Patch 2 and later will be included in future 8.7 patches.

AM-45834: If the SecurID Authentication Manager 8.7 upgrade kit contains the “rsa-am-update-readme” file, it confirms that you have the latest SecurID Authentication Manager 8.7 upgrade kit with build number 1429039. The latest kit resolves the AM-45834 issue (Standard RADIUS in make/model was not available in 8.7 after the upgrade from 8.6).

Known Issues

See SecurID® Authentication Manager 8.7 Known Issues.

 

 

© 1994-2022 RSA Security LLC or its affiliates. All Rights Reserved. RSA Conference logo, RSA, and other trademarks are trademarks of RSA Security LLC or its affiliates. For a list of RSA trademarks, https://www.rsa.com/en-us/company/rsa-trademarks. Other trademarks are trademarks of their respective owners.

June 2022

Intellectual Property Notice

This software contains the intellectual property of RSA or is licensed to RSA from third parties. Use of this software and the intellectual property contained therein is expressly limited to the terms and conditions of the License Agreement under which it is provided by or on behalf of RSA.

Open Source License

This product may be distributed with open source code, licensed to you in accordance with the applicable open source license. If you would like a copy of any such source code, RSA or its affiliates will provide a copy of the source code that is required to be made available in accordance with the applicable open source license. RSA or its affiliates may charge reasonable shipping and handling charges for such distribution. Please direct requests in writing to RSA Legal, 174 Middlesex Turnpike, Bedford, MA 01730, ATTN: Open Source Program Office.

System Data Collection and Usage Policy

In certain circumstances, RSA collects data from customer installations of RSA products for purposes including but not limited to accurate billing of product usage and to maintain and improve RSA products. For details see "RSA’s right to collect System Data" in Product Usage Rights: https://www.rsa.com/content/dam/en/terms/units-of-measure.pdf