This training course offers hands-on training on the deployment and configuration of Enterprise, and Premium Edition components of an RSA SecurID Access system.
Students leave this classroom-based training with the experience of deploying and configuring RSA SecurID Access Identity Router, SSO Agent, and Identity Assurance system components.
The architecture and deployment options for on-premise and cloud-based components are described to provide a comprehensive security and single sign-on solution. Extensive hands on exercises provide the experience of deploying system components and configuring a variety of authentication options.
This course assumes that the student has met the suggested prerequisite training.
IT or other technical personnel who install, service and support RSA SecurID Access deployments.
Please Note: The content of this course only describes and exercises the capabilities of the RSA SecurID Access cloud-based components (Cloud Authentication Service and Identity Router). Customers with any RSA SecurID Access license can also take advantage of the RSA Authentication Manager component that offers a variety of authentication options. To learn about the RSA Authentication Manager features and operation, you may also be interested in enrolling in the RSA Authentication Manager Installation and Configuration course, which offers hands-on training in the deployment and configuration of RSA Authentication Manager servers, authentication agents, and RSA SecurID authenticators.
Delivery Type Classroom
Duration 3 days
Students should have familiarity with the concepts of: strong (multi-factor) user authentication, cloud applications, single sign-on, and networking communication.
Students should complete the following RSA University on-demand learning courses prior to attending this course:
• Introduction to the RSA SecurID Access Solution
• Introduction to RSA SecurID Access Architecture
Students must have their own computer and internet connectivity to participate in on-line classes and must provide their own mobile device (smartphone or tablet) to complete exercises involving the RSA SecurID Access Authenticate mobile app.
Upon successful completion of this training, participants should be able to:
Plan and perform the pre-deployment, deployment, and configuration tasks to complete an operational environment to support single sign-on and multi-factor authentication
Configure system-level parameters
Configure and connect to LDAP Identity Sources/User Stores
Install and configure the RSA Identity Router
Know how to construct a system to provide high availability and redundancy/failover capabilities
RSA SecurID Access identity Router and Hosted Service Architecture
Single and High Availability deployments
Network connectivity and port requirements
Identity Router Implementation Overview
Implementation planning and checklist
Initial console connection
Deploying the Identity Router
Downloading the Identity Router image
VMware image deployment and VMware Console configurations
Identity Router Setup Web Console
Obtaining Identity Router updates
Cluster backups for User Profiles
System Digital Certificates
Connecting an Identity Source
User Application Portal
SSO Agent Configuration
Configuring the Application Portal
Creating Access Policies
Rules and Rule Sets
Adding Web Applications
Application Catalog and Template options
Application Availability and Visibility
Configuring SAML Applications
IdP-Initiated and SP-Initiated SSO Profiles
Configuring Integrated Windows Authentication (IWA)
Installing the IWA Connector
Adding IWA as an Identity Provider
RSA Authentication Agent Access Polices and Step-up Authentication
Creating Access Policies
Configuring Integrated Windows Authentication
Configuring Identity Assurance functions
Establishing Assurance Levels
Configuring Trusted Locations and Trusted networks
Authentication Requirements and Condition Attributes
Mobile Multi-factor Authentication
RSA SecurID Access Authenticator registration
Connecting the SSO Agent to RSA Authentication Manager
Configuring a Static Route to RSA Authentication Manager
Using an RSA SecurID passcode for authentication in the Application Portal
Integrating an RSA SecurID Access Identity Router with an RSA Authentication Manager token server
Establishing a trust relationship to an Identity Router