Attachmate Reflection for Secure IT 8.2 Server for Windows

Similar documents
Avocent DSView 4.5. RSA SecurID Ready Implementation Guide. Partner Information. Last Modified: June 9, Product Information Partner Name

RSA Ready Implementation Guide for

RSA Ready Implementation Guide for. GlobalSCAPE EFT Server 7.3

VMware Identity Manager vidm 2.7

Citrix Systems, Inc. Web Interface

Caradigm Single Sign-On and Context Management RSA Ready Implementation Guide for. Caradigm Single Sign-On and Context Management 6.2.

Cisco Systems, Inc. Aironet Access Point

Vanguard Integrity Professionals ez/token

Pulse Secure Policy Secure

Barracuda Networks NG Firewall 7.0.0

SSH Communications Tectia 6.4.5

Infosys Limited Finacle e-banking

RSA SecurID Ready Implementation Guide. Last Modified: December 13, 2013

Security Access Manager 7.0

Cyber Ark Software Ltd Sensitive Information Management Suite

Barracuda Networks SSL VPN

Cisco Systems, Inc. Wireless LAN Controller

<Partner Name> RSA SECURID ACCESS Standard Agent Implementation Guide. WALLIX WAB Suite 5.0. <Partner Product>

HOB HOB RD VPN. RSA SecurID Ready Implementation Guide. Partner Information. Product Information Partner Name. Last Modified: March 3, 2014 HOB

Rocket Software Strong Authentication Expert

Microsoft Forefront UAG 2010 SP1 DirectAccess

RSA Ready Implementation Guide for. VMware vsphere Management Assistant 6.0

Open System Consultants Radiator RADIUS Server

RSA SecurID Ready Implementation Guide. Last Modified: November 19, 2009

Dell SonicWALL NSA 3600 vpn v

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. PingIdentity PingFederate 8

Microsoft Unified Access Gateway 2010

Apple Computer, Inc. ios

Cisco Systems, Inc. Catalyst Switches

RSA SECURID ACCESS PAM Agent Implementation Guide

RSA SecurID Ready Implementation Guide. Last Modified: March 27, Cisco Systems, Inc.

<Partner Name> RSA SECURID ACCESS. VMware Horizon View Client 6.2. Standard Agent Implementation Guide. <Partner Product>

RSA Ready Implementation Guide for. HelpSystems Safestone DetectIT Security Manager

RSA Ready Implementation Guide for. Checkpoint Mobile VPN for ios v1.458

RSA SecurID Implementation

RSA SecurID Ready Implementation Guide

SecureW2 Enterprise Client

Cisco Systems, Inc. IOS Router

Barron McCann Technology X-Kryptor

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Pulse Connect Secure 8.x

RSA SecurID Ready Implementation Guide

RSA Ready Implementation Guide for

SailPoint IdentityIQ 6.4

Hitachi ID Systems Inc Identity Manager 8.2.6

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Cisco Adaptive Security Appliance 9.5(2)

<Partner Name> <Partner Product> RSA SECURID ACCESS. VMware Horizon View 7.2 Clients. Standard Agent Client Implementation Guide

<Partner Name> <Partner Product> RSA SECURID ACCESS. Pulse Secure Connect Secure 8.3. Standard Agent Client Implementation Guide

How to Configure the RSA Authentication Manager

RSA SecurID Ready Implementation Guide

How to Integrate RSA SecurID with the Barracuda Web Application Firewall

How to RSA SecureID with Clustered NATIVE

Fischer International Identity Fischer Identity Suite 4.2

RSA Exam 050-v71-CASECURID02 RSA SecurID Certified Administrator 7.1 Exam Version: 6.0 [ Total Questions: 140 ]

<Partner Name> <Partner Product> RSA SECURID ACCESS. NetMove SaAT Secure Starter. Standard Agent Client Implementation Guide

QUESTION: 1 An RSA SecurID tokencode is unique for each successful authentication because

RSA Ready Implementation Guide for

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Citrix NetScaler Gateway 12.0

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. CyberArk Enterprise Password Vault

Secured by RSA Implementation Guide for Software Token Authenticators

RSA Ready Implementation Guide for

Technical Note: RSA SecurID /SA Integration

Authentify SMS Gateway

050-v71x-CSESECURID RSA. RSA SecurID Certified Systems Engineer 7.1x

TalariaX sendquick Alert Plus

AT&T Global Smart Messaging Suite

RSA Authentication Manager 7.1 Administrator s Guide

RSA SecurID Ready with Wireless LAN Controllers and Cisco Secure ACS Configuration Example

Pass4sure CASECURID01.70 Questions

McAfee Endpoint Encryption

Remote Access User Guide for Mac OS (Citrix Instructions)

Advantage Cloud Two-Factor Security Process

Oracle Oracle Identity Manager 11g

> Nortel Switched Firewall (NSF) SecurID Configuration Guide

<Partner Name> RSA SECURID ACCESS Authenticator Implementation Guide. Intel Authenticate & Intel IPT based Token Provider for RSA SecurID

<Partner Name> <Partner Product> RSA SECURID ACCESS Authenticator Implementation Guide. Check Point SmartEndpoint Security

RSA Authentication Manager 7.1 Migration Guide

External Authentication with Citrix GoToMyPc Corporate Edition Authenticating Users Using SecurAccess Server by SecurEnvoy

STRS OHIO Telework F5 BIG-IP Edge Client for Mac Systems (Imac, Air, Macbook, Mini) User Guide

Security Cooperation Information Portal

RSA Authentication Manager 7.1 Help Desk Administrator s Guide

Authentication. August 17, 2018 Version 9.4. For the most recent version of this document, visit our documentation website.

EOH-SASOL - Setup Sasol Mobile Express (Client)

Symantec Encryption Desktop

Vendor: RSA. Exam Code: CASECURID01. Exam Name: RSA SecurID Certified Administrator 8.0 Exam. Version: Demo

RSA Authentication Manager 6.1 to 8.0 Migration Guide

Remote Support Security Provider Integration: RADIUS Server

RSA ACE/Agent 5.0 for PAM Installation and Configuration Guide

<Partner Name> <Partner Product> RSA SECURID ACCESS Authenticator Implementation Guide. Intel Security Drive Encryption 7.1.3

STRS OHIO F5 Access Client Setup for ChromeBook Systems User Guide

Authentication Guide

BMC Software BMC Provisioning Module for RSA Authentication Manager

Data Structure Mapping

Intel Security/McAfee Endpoint Encryption

RSA Two Factor Authentication. Feature Description

Install and Issuing your first Full Feature Operator Card

Safeguarding Cardholder Account Data

Security Provider Integration RADIUS Server

Data Structure Mapping

mystanwell.com Accessing using Apple devices Information and Business Systems

Data Structure Mapping

Transcription:

RSA SecurID Ready Implementation Guide Partner Information Last Modified: September 3, 2014 Product Information Partner Name Attachmate Web Site www.attachmate.com Product Name Reflection for Secure IT Server for Windows Version & Platform 8.2 Product Description Reflection for Secure IT for Windows is a family of Secure Shell clients and servers for Windows and UNIX all designed to protect data in motion. With Reflection for Secure IT encryption, authentication, and logging features, you can safely transfer files, manage remote servers, and access corporate applications over encrypted connections. These features can also help you comply with stringent data security regulations.

Solution Summary Reflection for Secure IT (RSIT) enables remote administration of critical servers with the robust SSH protocol suite, which includes SSH, SFTP, and SCP. The Reflection for Secure IT, SSH-based clients and servers use strong authentication and encryption methods to shield data from spies, hackers and other security threats. RSIT works with an array of authentication and authorization methods, and provides interoperability to new and existing security frameworks. It supports RSA SecurID two-factor authentication with the aid of the Secure Shell keyboard-interactive protocol and the RSA Authentication Agent API. RSA Authentication agents receive authentication requests from RSIT servers, prompt users for RSA SecurID authentication credentials and forward the credentials to RSA Authentication Manager servers for authentication. RSA SecurID supported features Reflection for Secure IT Server for Windows RSA SecurID Authentication via Native RSA SecurID Protocol RSA SecurID Authentication via RADIUS Protocol On-Demand Authentication via Native SecurID Protocol RSA Authentication Manager Replica Support RSA SecurID Software Token Automation RSA SecurID SD800 Token Automation RSA SecurID Protection of Administrative Interface No No No No - 2 -

Agent Host Configuration RSA Authentication Agents are custom or ready-made software applications that securely pass user authentication requests to and from RSA Authentication Manager. RSA provides a variety of out-of-thebox agents for protecting access to various operating systems and web resources, and an Authentication API for building custom agents. You must register authentication agents with RSA Authentication Manager in order for the server to locate them and establish secure communication channels with them. Use the RSA Security Console to register an agent for your Attachmate RSIT host. You will need the following information in order to do so: the hostname of your Attachmate RSIT server IP address for all of your Attachmate RSIT server host s network interfaces Set each of your Authentication Agent s type to Standard Agent. Note: Each agent hostname must resolve to one or more valid IP addresses on the local network. RSA SecurID files RSA SecurID Authentication Files Files sdconf.rec Node Secret sdstatus.12 sdopts.rec Location %windir%\system32 %windir%\system32 %windir%\system32 %windir%\system32 Note: The appendix of this document contains more detailed information regarding these files. Partner Product Configuration Before You Begin This document provides instructions for enabling RSA SecurID two-factor authentication for Attachmate Reflection for Secure IT for Windows users. You should have working knowledge of RSA Authentication Manager and RSIT, as well as access to the appropriate end-user and administrative documentation. Ensure that that both products are running properly prior to configuring the integration. Note: This document is not intended to suggest optimal installations or configurations. - 3 -

Reflection for Secure IT Server for Windows Configuration The following two sections contain instructions for configuring Attachmate RSIT to use RSA SecurID authentication: Client Configuration Server Configuration Reflection for Secure IT Client Configuration To configure the Reflection for Secure IT client: 1. Launch the Reflection for Secure IT client. 2. Select Connection > Connection Setup 3. Enter your RSIT server s hostname in the Hostname field, enter a username in the Username field and click the Security button. 4. Check the Keyboard-Interactive checkbox. (This is the default setting for all Reflection clients.) Reflection SSH Client Configuration - 4 -

Reflection for Secure IT Server for Windows Configuration To configure the Reflection for Secure IT Server for Windows: 1. Install the RSA SecurID Authentication Agent on the RSIT host. 2. Launch the Reflection for Secure IT Server console and select the Configuration tab. 3. Select the RSA SecurID tree node. 4. Specify the path to the directory that contains aceclnt.dl library in the Agent path field. 5. Select either the Allow or Require radio buttons to enable RSA SecurID authentication. Reflection for Secure IT Server Console - 5 -

Logon Screen Examples Once you have configured the Reflection for Secure IT client and server for RSA SecurID authentication, users will authenticate with RSA SecurID. Below is an example of the logon process from the Reflection for Secure IT client: 1. Prompt for PASSCODE: 2. Prompt for system to generate PIN: 3. Prompt for system to display PIN: 4. Prompt for next PASSCODE: 5. Prompt to enter new PIN: 6. Prompt to re-enter PIN: - 6 -

Certification Checklist for RSA Authentication Manager 8.0 Date Tested: September 3, 2014 Certification Environment Product Name Version Operating System RSA Authentication Manager 8.0 SLES 11 RSA Authentication Agent 7.2.1 Windows 2012 R2 Reflection for Secure IT Server for Windows 8.2 Windows 2012 R2 Reflection for Secure IT Client 7.2 SP3 Windows 2012 R2 Mandatory Functionality RSA Native Protocol RADIUS Protocol New PIN Mode Force Authentication After New PIN Force Authentication After New PIN N/A System Generated PIN System Generated PIN N/A User Defined (4-8 Alphanumeric) User Defined (4-8 Alphanumeric) N/A User Defined (5-7 Numeric) User Defined (5-7 Numeric) N/A Deny 4 and 8 Digit PIN Deny 4 and 8 Digit PIN N/A Deny Alphanumeric PIN Deny Alphanumeric PIN N/A Deny Numeric PIN Deny Numeric PIN N/A Deny PIN Reuse Deny PIN Reuse N/A Passcode 14 Digit Passcode 14 Digit Passcode N/A 4 Digit Fixed Passcode 4 Digit Fixed Passcode N/A Next Tokencode Mode Next Tokencode Mode Next Tokencode Mode N/A On-Demand Authentication On-Demand Authentication On-Demand Authentication N/A On-Demand New PIN On-Demand New PIN N/A Load Balancing / Reliability Testing Failover (3-10 Replicas) Failover N/A No RSA Authentication Manager No RSA Authentication Manager N/A JGS = Pass = Fail N/A = Not Applicable to Integration - 7 -

Known issues Attachmate Reflection for Secure IT Server for Windows doesn t report PIN reuse errors. - 8 -

Appendix Partner Integration Details RSA SecurID API RSA Authentication Agent Type RSA SecurID User Specification Display RSA Server Info Perform Test Authentication Agent Tracing 7.2.1 (Windows Agent library) Standard Agent All Users Node Secret: Copy the node secret to the %windir%\system32 directory on the RSIT Windows server host. sdconf.rec: Copy the sdconf.rec file to the %windir%\system32 directory on the RSIT Windows server host. sdopts.rec: Copy the sdopts.rec file to the %windir%\system32 directory on the RSIT Windows server host. sdstatus.12: Copy the sdopts.rec file to the %windir%\system32 directory on the RSIT Windows server host. - 9 -

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback