Can RSA ODA be used with Cisco Any connect VPN Client (IPsec VPN) ?
Not using RBA.
AnsweredAssumed Answered
Can RSA ODA be used with Cisco Any connect VPN Client (IPsec VPN) ?
Not using RBA.
Hi Kenneth,
I have moved this thread to the RSA SecurID Access community so that you can get an answer to your question.
Thanks,
Jeff
Yes.
Think of ODA as a single TokenCode when you need it, instead of a token that you have that changes its TokenCode every minute. The ODA TokenCode has to be delivered, either via email or SMS text msg.
So your Cisco AnyConnect user with ODA is no different than your Cisco AnyConnect user with a Token, from the Cisco point of view. RBA is different because you have these redirect scripts that have to be downloaded and integrated, and then risk has to be assessed, and if risk is high(er) then a password might not be secure enough so you have to step up to security questions or ODA. But if risk is 'acceptable' e.g. the user is logging in from their home VPN via their work laptop, then password may be enough.
But if you are just doing ODA and not RBA, ODA is like a Token Fob that you do not have, but you can get the TokenCodes delivered to you instead of having them in your hand or on your smart phone.
Yes.
Think of ODA as a single TokenCode when you need it, instead of a token that you have that changes its TokenCode every minute. The ODA TokenCode has to be delivered, either via email or SMS text msg.
So your Cisco AnyConnect user with ODA is no different than your Cisco AnyConnect user with a Token, from the Cisco point of view. RBA is different because you have these redirect scripts that have to be downloaded and integrated, and then risk has to be assessed, and if risk is high(er) then a password might not be secure enough so you have to step up to security questions or ODA. But if risk is 'acceptable' e.g. the user is logging in from their home VPN via their work laptop, then password may be enough.
But if you are just doing ODA and not RBA, ODA is like a Token Fob that you do not have, but you can get the TokenCodes delivered to you instead of having them in your hand or on your smart phone.