RSA Authentication Manager 8.2
Over 25,000 customers 50 – 60 million active tokens in circulation 10 million units shipped per year More than 50% market share RSA Ready Partner Program: 400 Partners with Native SecurID Integration THE undisputed leader in multi-factor auth • 2016 SC Magazine Awards: Best Authentication • Reigning Leader, Gartner MQ 2
RSA Authentication Manager 8.2 Key Themes Simple Scalable Secure Seamless • Provision Once • AMBA • FIPS Inside SW T okens • RSA Via (Enterprise) Compliance • T oken Expiry Access • PCI DSS • New Identity Alert SecurID Compliance • Dashboard Sources Agent Hub • IPv6 Phase I Search Option • Report Ready Notification 3
Seamless 4
Via Access SecurID Agent Hub (need to purchase RSA Via Access) • Via Access Tokencodes for 2FA to HUNDREDS OF APPLICATIONS ON-PREM AND IN THE CLOUD SecurID Agents – No Change to SecurID Agent Infrastructure ORG1 – Leverage RSA Ready Program Cloud On-Premises with over 400 Certified Integrations ORG2 Access Manager – PIN or Fingerprint to unlock Tokencode SecurID Agents • Simplifies Registration and Provisioning Processes SecurID / RSA Via Access 5
Via Access SecurID Agent Hub How it Works 6 Via Access validates 5 IDR locates user Via Tokencode Passes Via Tokencode to Via Access Returns response 1 User opens Via Access app, enters PIN or Biometric Thumbprint to unlock the Identity Via Tokencode Router 3 Username & Via Trusted Tokencode are Realm passed to AM8.2 4096 9913 4 AM8.2 cannot locate Authentication SecurID Agent user locally so reaches Manager 8.2 2 User enters UserID & out to Trusted Realms Via Tokencode into SecurID Agent Protected 7 User Permitted Resource or Denied Access SecurID / RSA Via Access 6
Via Access User Experience Simple End User Enrollment Pull Down the App User Validation Set Password 7
Via Access User Experience Simple End User Device Registration & Authentication Device Registration Multi Factor Auth Create PIN Fingerprint 8
Via Access SecurID Agent Hub Benefits Seamless Streamlined Improves Transition Registration & End User No Change to Provisioning Experience Agents Processes Lowers Total Cost Of Ownership SecurID / RSA Via Access 9
Simple 10
Improved Software Token Provisioning “Provision Once” Software Tokens • Software Tokens provisioned in AM 8.2 expire on the Server side only meaning software tokens do not need to be re-provisioned! NEW! AM8.1 and earlier TOKEN 5716 8299 Authentication Authentication EXPIRED Manager 8.1 Manager 8.2 • Significantly lowers administrative time and overhead to manage and provision software tokens 11
Simplifying Administration Improved Search and Notifications Email (Admin) for imminent token expiry User Dashboard search option (User Alias) Friday, June 17, 2016 5:03 PM. Email (Admin) report job completion 12
Customizable Display Banner Meets Organizations Best Practices • Customized Logo & Text Displayed Prior to Login • User Must Accept Notification Unauthorized Access is prohibited. If you are authorized Before Login to AM to access ss this s si site, please se click the Accept button below. If you are not authorized, please exit this site. • Available on All AM Consoles – Security Console – Operations Console – Self Service – SSH 13
Secure & Scalable 14
Security Updates FIPS 140-2 Compliance Inside • AM Cipher Suite upgraded to meet NIST/FIPS Compliance* PCI Compliance • SSLv3 removal and expanded TLS 1.2 support* • Strict TLS Mode option NIST SP 800-131A • Core / Plumbing Certificates upgradeable to SHA-2 * Does not include Radius and Off-Line Authentication 15
Authentication Manager Bulk Administration (AMBA) AMBA Pre-Packaged with Authentication Manager Add 100 New Users, Assign & Distribute Software token Without AMBA With AMBA* 1. Log into Security Console 1. Prepare AMBA Input .csv file with New 2. Add New User & Relevant Info User Info & Options 3. Assign Software token 2. Access AM Command Line 4. Distribute Software token 3. Invoke AMBA Utility • Select token profile • Run test & verify proper operation • Select provisioning & delivery options • Execute command 5. Repeat steps 2 to 4, 99 times 4. Done … 6. 100. Done 16 * Requires Enterprise License or standalone AMBA license
New Platform Support & Qualifications • Appliance Operating System Upgrade to SUSE 11 SP4 • Qualification of VMware ESXi 6.0 • Open LDAP as an Identity Source • IPv6 RADIUS Clients 17
Supported Migration Paths AM 8.2 Release AM 8.1 VMware AM 6.1 Appliance AM 8.1 SP1 All OS Platforms AM 8.2 HW / Hardware / VMware Appliance RSA SecurID VMware Appliance AM 8.1 Hardware Appliance 2.0 Appliance AM 7.1 All OS Platforms RSA SecurID Appliance 3.0 AM 8.1 SP1 AM 8.2 Hyper-V Appliance Hyper-V Appliance AM 6.1 EOPS: December, 2015 AM 8.1 Release AM 7.1 EOPS: June, 2016 18
Streamlining Evaluations • Auto Generates 25 SW Tokens when 90-day Trial License is Installed – Eliminates time-consuming distribution of Software Token Media • One-time Use Extension Code extends trial by 90 Days • Auto Deletes Eval License once Production License is Installed 19
Thank You 20
Recommend
More recommend
