This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
GauravKumarBali
Beginner
Beginner
‎2019-11-22 01:40 PM

I want to pull a list of all applications that are integrated with RSA token for authentication. How to get this list?

Hi there,

 

I need a list of all applications (including web apps) that are integrated with RSA tokens for authentication. How to generate this list from RSA Security Console? Are there any other ways to get this information? 

 

Regards

Labels (1)
Labels
0 Likes
Reply
3 Replies
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
‎2019-11-22 02:49 PM

Gaurav Kumar Bali‌,

 

A TSE will correct me if I am wrong, but I'd think if you look at your agents (Access > Authentication Agents > Manage Existing), that would give you a list of all of agents in your deployment.  If they are named in a way that is indicative of their function and/or have information in the Notes field, that should give you what you need.

 

I did check the canned reporting templates and did not see one that reports on all agents but there are reports for agents not updated with auto registration, agents with RADIUS clients, agents with unassigned IP addresses, etc. but not specifically what you are looking for.

 

Perhaps you want to add an idea to the RSA Ideas for RSA SecurID Access‌ space to add that as a reporting option?

 

Regards,

Erica

0 Likes
Reply
EdwardDavis
Employee
Employee
‎2019-11-22 03:28 PM

Authentication traffic does not contain many specific details about the agent, beyond the userid and the password field (password field is expected to contain a passcode or authenticate code). So, we don't use the authentication traffic to advertise 'is this a Cisco ASA, or an RSA web agent, or RSA windows agent?'. Any details like that would need to be added as descriptive notes when the agent is configured for the first time.

 

Unless your admins made specific descriptive notes, the best you can do is list the agents or radius clients which can define the DNS name/IP addresses that might be sending authentication requests. Even then, there may be TCP agents defined by a logical name only, with no IP. Similarly, radius may have what we call an <ANY> client, which also is IP agnostic.

 

The way to step into an totally unknown environment and figure it out, would be:

 

running authentication activity reports to learn the agents that are sending requests....

 

-and/or combined with-

network traffic capture, and weed out what is arriving at the RSA server on the authentication ports (5500/udp, 1812/udp, 1645/udp, 5500/tcp, 5555/tcp) and work your way back to the source and learn what the source machine is.

Reply
PiersB
Trusted Contributor Trusted Contributor
Trusted Contributor
‎2019-11-25 10:52 AM

I am a little unclear as to information you're seeking.

 

There is general information on RSA "Partner" products. These are third-party products in which RSA/Agent implementations are embedded. There are 100's of applications and products that support either RSA SecurID authentication protocol directly or support RADIUS.

 

If you're asking for details on your specific deployment, the latest RSA/Agents (MFA/REST agents) can provide the server with more detailed information on the agent (i.e. platform, agent type, version, etc.). As Edward Davis mentioned, the audit logs can also be used to analyze agent activities (or lack thereof).

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.