Article Number
000038833
Applies To
RSA Product Set: SecurID Access
RSA Product/Service Type: Cloud Authentication Service, Identity Router
RSA Version/Condition: Identity Router 12.9.0.0.4
Issue
There are unexpected results when accessing an application configured with the Application Portal that uses an access policy with the Trusted Network conditional policy attribute.
For example, the access policy is configured to allow access to users on a trusted network. Instead, users are denied access or prompted for multifactor authentication (MFA) when trying to access the application from a trusted network.
Cause
This behavior is due to a software defect (NGX-46349) that can occur on identity routers running software version 12.9.0.0.4 if Identity Confidence Collection is disabled on the Cloud Administration Console.
To confirm the setting,
- Launch the Cloud Administration Console.
- Go to My Account > Company Settings > Company Information > Identity Confidence Collection.
To verify the software version of an identity router,
- Launch the Cloud Administration Console.
- Go to Platform > Identity Routers.
- Click the dropdown arrow next to the identity router's name.
- Select Software Version.
Resolution
Defect NGX-46349 will be addressed in a future version of the identity router. Once addressed, Identity Confidence Collection can be disabled without impacting access policies that use the Trusted Network policy attribute.
Workaround
As a workaround, enable Identity Confidence Collection, save the settings, and publish the changes.
