ID Plus LicensesID Plus Licenses
RSA offers three ID Plus subscription license plans: E1, E2 and E3. For more information, see the ID Plus page on rsa.com.
SecurID Cloud Plans and SecurID Editions are still supported. For more information, see SecurID Cloud Plans and SecurID Editions.
The high-level details are described below:
Authentication ComponentsAuthentication Components
The following table shows the authentication software available with each license.
| ID Plus E1 | ID Plus E2 | ID Plus E3 | |
|---|---|---|---|
| RSA Cloud Service | Included | Included | Included |
|
RSA Authentication Manager Server Enterprise License: 1 Primary Instance and up to 15 Replica Instances |
Included | Included | |
| Authentication Manager server with Authentication Manager Bulk Administration (AMBA) | Included | Included |
SecurID® FederalSecurID® Federal
RSA offers a FedRAMP-authorized version of the ID Plus E2 and ID Plus E3 licenses. SecurID® Federal includes a separate cloud instance reserved for United States Federal Government customers and other authorized agencies.
SecurID® Federal does not support authentication with SMS Tokencode or Voice Tokencode.
Authentication IntegrationsAuthentication Integrations
The following table shows the authentication integrations available with each license.
| Standard Agents |
RSA Ready Agents |
RADIUS Agents |
RSA Authentication API |
SAML Authentication | Web Proxy (Trusted Headers) |
Web Proxy (NTLM, Password Vaulting) | |
|---|---|---|---|---|---|---|---|
| ID Plus E3 | Included | Included | Included | Included | Included | Included | Included |
| ID Plus E2 | Included | Included | Included | Included | Included | Optional | |
| ID Plus E1 | SAML-based only | Included |
Integrations with cloud-based and on-premises directories, including Active Directory, Azure AD, LDAPv3.
Authentication MethodsAuthentication Methods
The ID Plus E1, E2 and E3 licenses include the following authentication methods:
-
Approve (Push) notification through the SecurID App and wearable devices
-
One-Time Passcode (OTP) delivered on-demand through the SecurID App
-
Integrated SMS Tokencode and Voice Tokencode available as an add-on
-
Passwordless authentication through FIDO2 and Device Biometrics, such as Apple FaceID, Android biometrics and Windows Hello
-
Secure One-Time Passcodes using RSA hardware and software tokens
-
Emergency Tokencode
-
(ID Plus E2 and ID Plus E3 only) Customized authentication through the Mobile SDK
ID Plus E2 and E3 include an on-premises and cloud authentication components. The on-premises component of the RSA cloud services provides failover and ensures high availability, including offline authentication. This deployment is included in the ID Plus E2 and ID Plus E3 license.
Hardware tokens are sold separately.
Access Policy AttributesAccess Policy Attributes
The cloud service included with ID Plus allows you to use specific attributes in access policy conditional expressions. These expressions are used to determine authentication requirements and who is allowed or denied access to resources. The following table shows which attributes are available with each license.
| Access Policy Attributes | ID Plus E1 | ID Plus E2 | ID Plus E3 |
|---|---|---|---|
| Identity source attributes (used in rule sets to select target population for policy) | x | x | x |
| IP address (conditional attribute) | x | x | x |
|
Additional conditional attributes:
|
x | x | |
|
Additional conditional attributes:
|
x | ||
|
RSA® Risk AI: Leveraging machine learning, anomaly detection and real-time risk scoring to ensure identity confidence to minimize interrupting end users |
Optional | x | |
| Mobile Lock | Optional | Optional |
Note: If your deployment is downgraded from ID Plus E3 to ID Plus E2, you must examine your access policies and edit them if necessary to ensure that they comply with the ID Plus E2 license. Policies that are not up-to-date can result in authentication failures.
