SecurID^®

Overview This document provides an overview of the major features that will be available in the upcoming releases and deprecated features of Agents. What’s coming RSA is committed to delivering high-quality products that offer a seamless experience to its customers. As part of this commitment, RSA is developing new versions of its Agents that will provide enhanced features and functionality. The upcoming Agents are: RSA MFA Agent 9.0 for PAM RSA MFA Agent 3.0 for Microsoft AD FS RSA MFA Agent 3.0 for Citrix Agent These Agents are expected to be released soon and will provide customers with more options and flexibility for securing their resources with RSA. Note: UDP mode is not supported in upcoming agents, and you cannot use both UDP and REST modes on the same machine. For more information, see Deprecated feature section below. What’s new RSA is excited to announce the upcoming release of agents with major features that include: Authentication Manager failover support and load balancing improvements: One of the biggest advantages that RSA offers to its Hybrid customers is Hybrid High Availability. This feature uses an Authentication Manager failover mechanism that automatically balances the load between Authentication Manager primary and replica servers, reducing the single point of risk failure for our Hybrid customers. Whether the failure occurs in the cloud or on-premises, RSA Hybrid High Availability can handle it all. Code-to-match enhancements: Organizations can use the code-to-match feature to enhance security and prevent MFA Fatigue attacks. This feature adds a code confirmation to the push notifications. RSA is making this feature available to all commercial customers (not just FedRAMP). Third-party library: Updating third-party library dependencies can enhance security, resolve compatibility issues, and fix bugs. Rebranding and terminology changes: RSA is gradually introducing a new consistent and standard terminology across all products and platforms. This also reflects brand value and builds customer trust and clarity among internal stakeholders. Deprecated feature UDP mode no longer supported in upcoming Agents: Authentication Agent for PAM 8.x, Authentication Agent for Microsoft AD FS 2.x, and Authentication Agent for Citrix 2.x support both UDP and REST protocol modes for communicating with RSA Authentication Manager. UDP mode is a legacy option that allows agents to use the UDP protocol and hardware OTP credentials for MFA. However, UDP mode is not supported in upcoming agents, and you cannot use both UDP and REST modes on the same machine with them. Customers who are using the existing Agents in UDP mode must switch to REST mode. You can change the UDP protocol authentication mode to the REST protocol for RSA Authentication Manager or the Cloud Authentication Service. Upcoming End of Primary Support Details To know more about the EOPS details, refer to Product Version Life Cycle for SecurID - RSA Community.   ... View more

Article Number 000068212 Applies To RSA Product Set:  SecurID RSA Product/Service Type:  Authentication Manager RSA Version/Condition:  8.x Issue Authentication Manager has two forms of replication: In-band replication is an instantaneous process. Items covered by in band replication include creating an internal user, assigning a token, setting a PIN. Most of the things you set in the Security Console are handled by in band replication. Out of band replication (OOB). Items that are considered out of band replicate on a ten minute cycle. Identity source settings are replicated using OOB.  ... View more

Article Number 000068204 Applies To RSA Product Set: SecurID RSA Product/Service Type: Authentication Manager RSA Version/Condition: 8.x Issue After following the steps in KB 000067948 to integrate VMWare Unified Access Gateway (UAG) with the Authentication Manager using REST API, authentications on UAG are failing with the below error in the Authentication Activity Monitor while using cloud token and Authentication manager forward request to the cloud: Image description Resolution Login to the Security Console Navigate to Setup > System Settings > Cloud Authentication Service Configuration Uncheck "Send Multifactor Authentication Requests to the Cloud" Click "Save" Image description   ... View more

Article Number 000068211 Applies To RSA Product Set: SecurID RSA Product/Service Type: SecurID Authenticator 6.1.3 for Microsoft Windows Platform: Windows  Issue Despite correctly executing the command as per the SecurID Authenticator 6.1.3 for Windows Administrator's Guide, the installation of SecurID Authenticator 6.1.3 for Microsoft Windows using DISM encounters error 0x80080203:    Image description The errors shown below are present in the dism.log file: Error DISM DISM Appx Provider: PID=7864 TID=10512 Failed to create appx bundle reader. - CPackageAdapter::CreateFromPath(hr:0x8007007b) The file is not a valid Appx package because it is missing a manifest or block map, or missing a signature file when code integrity file is present. (Exception from HRESULT 0x80080203).   Cause The SecurID Authenticator v6.1.3 for Windows has not been tested or certified for the Windows version on which you are attempting to install it. The following Windows versions are the only ones that have been certified for the 6.1.3 version of the SecurID Authenticator for Windows: Windows 10 1903 x64bit Windows 10 1909 x64bit Windows 10 2004 x64bit Windows 10 20H2 x64bit Windows 10 21H1 x64bit Windows 10 21H2 x64bit Windows 11 21H2 x64bit Windows Server 2022 Resolution To address this problem, install the SecurID Authenticator 6.1.3 app on a Windows version that is supported by the application. ... View more