IPv4/IPv6 Authentication Agents

An IPv4/IPv6 authentication agent is a software application that securely passes user authentication requests to and from RSA Authentication Manager. IPv4/IPv6 agents use IPv4 or IPv6 addresses and the HTTP and TCP protocols rather than the UDP protocol.

Note: RSA Authentication Manager 8.2 or later includes a backward-compatible software development kit (SDK). It does not include the IPv4/IPv6 agent.

The TCP agent protocol provides three services.

Service          Description
Configuration    Allows agents to retrieve and verify configuration data.
Message Key      Allows agents to negotiate a key that can be used to encrypt subsequent authentications.
Authentication   Processes authentication requests.

IPv4/IPv6 Agent Name

The IPv4/IPv6 agent uses a logical name to identify agents. An agent name is not required to be a fully qualified host name and does not require an IP address. Agents running on different physical hosts can share a logical agent name. You can have multiple logically named agents on a single physical host.

Enabling IPv6 in the Hyper-V or VMware Infrastructure

You can enable the Hyper-V or VMware infrastructure to process authentication requests sent from agents using an IPv6 address. For more information, see your Hyper-V or VMware documentation.

Optional Node Secret

IPv4/IPv6 authentication agents do not require a node secret. Instead of a node secret, the channel is encrypted with a dynamically negotiated key and a strong encryption algorithm. If you choose to create a node secret, the IPv4/IPv6 authentication agents use it to encrypt authentication requests, and Authentication Manager uses it to verify the identity of the IPv4/IPv6 authentication agents.