Announcements

SecurID® Integrations

Ivanti Pulse Connect 9.1 - SecurID Access Implementation Guide

Ivanti Pulse Connect 9.1 - SecurID Access Implementation Guide

Certified: March 31, 2021

 

Solution Summary

This section describes the ways in which Ivanti Pulse Connect can integrate with SecurID Access. Use this information to determine which integration type your deployment will employ.

The Pulse Secure Connect Secure platform provides comprehensive SSL-based VPN services that allow a wide range of devices to access secured resources without requiring additional client software.

Pulse Connect Secure can be integrated with SecurID Authentication Manager by native agent integration and RADIUS. Both Pulse Connect Secure integrations allow organizations to further secure their resources by requiring end-users to authenticate with SecurID hardware or software tokens. Both may also be configured to enable token automation for Software token users and SID800 hardware users. During the token automation login process, a user only needs to submit a username and static PIN, and the system provides the SecurID tokencode in the background.

The Pulse Secure Connect Secure Platform also supports SecurID Risk-Based Authentication (RBA). Risk-Based Authentication strengthens SecurID authentication and traditional password-based authentication by analyzing a user’s behavior and device to identify potentially risky or fraudulent authentication attempts. If the assessed risk is unacceptable, SecurID Authentication Manager will challenge the user with a secondary authentication method to further confirm the user’s identity.

 

 

Integration Types

SecurID Authentication API integrations can provide a rich user interface with all SecurID Access features within the partner application. Refer to the Supported Features section in this guide see which features this partner application has implemented.

RADIUS integrations provide a text driven interface for SecurID Access within the partner application. RADIUS provides support for most SecurID Access authentication methods and flows.

SSO Agent integrations use SAML 2.0 or HFED technologies to direct users’ web browsers to Cloud Authentication Service for authentication. SSO Agents also provide Single Sign-On using the SecurID Application Portal.

Relying party integrations use SAML 2.0 to direct users’ web browsers to Cloud Authentication Service for authentication. Primary authentication is configurable, so relying party can be a good choice for adding additional authentication (only) to existing deployments.

Authentication Agent integrations use an embedded SecurID agent to provide SecurID and Authenticate Tokencode authentication methods within the partner’s application. Authentication agents are simple to configure and support the highest rate of authentications.

Risk Based Authentication integrations use customized scripts to direct users’ browsers to SecurID Access for authentication. Risk-Based Authentication leverages an Authentication Agent or RADIUS integration to sign in to the partner application.

Supported Features

This section shows all of the supported features by integration type and by SecurID Access component. Use this information to determine which integration type and which SecurID Access component your deployment will use. The next section contains the steps to integrate SecurID Access with Ivanti Pulse Connect for each integration type.

 

Ivanti Pulse Connect Integration with SecurID Cloud Authentication Service

Authentication Methods

Authentication API

RADIUS

Relying Party

SSO Agent

SecurID tokens -
LDAP Password -
Authenticate Approve -
Authenticate Tokencode -
Device Biometrics -
SMS Tokencode -
Voice Tokencode -
FIDO Token n/a
Identity Assurance - - -

 

Ivanti Pulse Connect Integration with SecurID Authentication Manager

Authentication Methods

Authentication API

RADIUS Authentication Agent
SecurID tokens - -
On-Demand Authentication - - -
Risk-Based Authentication n/a -

 

Supported
- Not supported
n/t Not yet tested or documented, but may be possible.

Configuration Summary

The following links provide instructions on how to integrate Ivanti Pulse Connect with  SecurID Access.

This document is not intended to suggest optimum installations or configurations. It assumes the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All SecurID Access and Ivanti Pulse Connect components must be installed and working prior to the integration.

Integration Configuration

Use Case Configuration

 

Certification Details

Date of testing: March 10, 2021

SecurID Cloud Authentication Service

SecurID Authentication Manager 8.5, Virtual Appliance

Ivanti Pulse Secure Connect 9.1

Known Issues

No issues found

No ratings
Version history
Last update:
‎2022-02-23 05:08 AM
Updated by:
Contributors
Article Dashboard