This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
BIllyStanfield
Contributor
Contributor
‎2020-09-03 03:48 PM

Portal Multi-Factor Policy to Allow Multiple Rule-Sets

Portal Multi-Factor Policy Enhancements 

Currently in our version of CAS, IDR Software Version: 12.9.0.0.4, the Portal Multi-Factor policy (System Policy) does not allow for multiple rule sets and the only Target Audience is All Authenticated Users.  

 

We have a process where enrolling into our MDM, user would need to access the MDM via a non-trusted network.  If there was the ability to Target these one-off via AD group, users to allow MFA Bypass during the MDM enrollment and remove them post enrollment would be ideal for the organization.

 

Currently I see no other way either by leveraging ODA, which often these are new user with no ODA enrollment of the Emergency Token feature.

 

Is there a configurable way to bypass the MFA for the enrollment as the Portal MFA policy overrides the Application policy which does allow for this workflow.

Labels (1)
Preview file
38 KB
0 Likes
Reply
4 Replies
RandyBelbin
Frequent Contributor Frequent Contributor
Frequent Contributor
‎2020-09-03 04:00 PM

Hi Billy,

 

For the enhancement request, please add your request to our ideas page which can be found here https://community.rsa.com/community/products/securid/ideas

 

In the interim, a potential solution might be to configure your MDM solution to integrate with our cloud IDP. This would bypass the portal and allow you to do group-based access control independent of your portal policy.

Reply
BIllyStanfield
Contributor
Contributor
In response to RandyBelbin
‎2020-09-03 04:33 PM

Thanks Randy, I’ll look to see if there is any Intune integration with RSA.

 

Sent from Outer Internets

0 Likes
Reply
RandyBelbin
Frequent Contributor Frequent Contributor
Frequent Contributor
In response to BIllyStanfield
‎2020-09-03 06:23 PM

My pleasure!

 

It looks like you may be using RSA SecurID Access for SSO access to Office365. The cloud IDP may not be a viable solution since authentication into Intune is pretty much "hitched" to the overall Office365 authentication process.

Please reach out to me (Randy Belbin) and Stephen Coltart‌ directly and let's set up a time to work through some options.

0 Likes
Reply
BIllyStanfield
Contributor
Contributor
In response to RandyBelbin
‎2020-09-04 06:33 AM

Hi Randy, I have a WS-Federation Office365 Direct STS Configured in Production.  RSA is providing Authentication via SSO and MFA. 

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.