add AWS VPC to authentication agents

Question asked by Steve Possingham on Aug 5, 2019
Aug 22, 2019 by Steve Possingham

I have to deploy numerous application servers into an AWS VPC. As a result, the 'authentication agent' IP address can change when it is rebooted/restarted. I have 3 x /24 networks assigned, for PROD, PRE-PROD and DEV.

These servers are running RHEL7.0.

No Windows servers will be deployed.


What is the most suitable configuration and/or method to 'dynamically' add the agents to the RSA Authentication Manager whether the IP address is from any of the /24 networks?


RSA Authentication Manager - v8.4 P 04


One of my developers has found some information from the SDK documentation.


"From what I read, this method doesn’t require an IP address to be stored. It also mentions encryption. From what I understand, that means we can set the same “AGENT_NAME” on all of our hosts. If we use the Agent-Server Trust Model, it appears an IP address is not required. “This new trust mechanism is considered more secure and IP-agnostic.”"