RSA Web Agent challenging the wrong virtual directories
We are seeing issues in our environment where RSA is challenging for a passcode on directories that are not configured to be "protected". Currently, RSA is enabled on the default website but only configured to protect the /ecp and /owa virtual directories. We've noticed that RSA will occasionally challenge other directories, such as /ews for a token, causing those connections to fail. This does not occur with every request but I can confidently recreate the issue within 5 minutes. Its almost as if the RSA Web Agent can't keep up with the web request and is simply redirected them to the default website or defaulting to a "protect" action.
Servers: Server 2016 with Exchange 2016 CU20 and RSA 8.0.5 with Exchange 2016 registry keys.
I have a support ticket, which was opened back in March, but we seem to be making very little progress. Has this occurred to anyone else.