RSA Ready: Cisco ASA & Authentication Manager 8.1 RBA Integration

Video created by RSA Link Team Employee on Mar 2, 2017

    Pete Waranowski from RSA Partner Engineering first shows how to integrate a Cisco ASA 9.3 with Authentication Manager 8.1 for Risk-Based Authentication and then demonstrates the end user experience.

     

    Before starting you must integrate the ASA Clientless SSL-VPN portal with SecurID.  Refer to the RSA Ready Implementation Guide, available at Cisco Systems Inc. - Technology Integrations or the video in this series for information on how to integrate your ASA with SecurID.

     

    RBA is supported with both native SecurID and RADIUS AAA server groups.

     

    A quick overview

    1. Select the ASA agent from Access > Authentication Agents > Manage Existing.
    2. Download integration script for the correct agent type.
    3. Login to the Cisco ASDM and upload the risk based authentication script to the Clientless SSL-VPN web contents.
    4. Add a new customization object.
    5. Open the logon screen informational panel tab and paste the Javascript from the implementation guide into the text field.
    6. Apply changes.

     

    The end user experience

    1. The user opens a browser and goes to the SSL-VPN portal page.
    2. The user is redirected to RSA Secure logon page.
    3. The user logs in with a user name and password
    4. The user is prompted to select security questions and provide answers.
    5. The user is logged in to the SSL-VPN portal page.