RSA AM 7.1SP3 Token Delivery
Using two-factor authentication is common when publishing remote services to the internet with components like Citrix NetScaler or Juniper SA appliances. RSA is a well-known provider of two-factor authentication mechanism.
Beginning with RSA Authentication Manager 7.1 people have the ability to use the On-Demand feature. This feature enables the delivery of token codes via SMS or e-mail. When using this feature you had to publish the RSA Self-Service website to the internet, so users can request a token code. The RSA Self-Service website is displayed below.
The procedure for opening a extra website to request an On-Demand token is difficult to understand for many people and increases the risk of problems and errors during the authentication process.
This behavior is changed in RSA AM 7.1SP3. With SP3 the Authentication Agent has possibility to generate the On-Demand token request on behalf of the user. The procedure to login to the Authenticaton Agent is:
- 1. Browse to the portal website
- 2. Enter your user credentials (username + password)
- 3. Enter only the token PIN code
- 4. The Authentication Agent generates the On-Demand token request and redirects the user to a website to enter the On-Demand token code
- 5. The user waits for the delivery of the token via SMS or e-mail
- 6. The user enters the On-Demand token code on the Authentication Agents website
- 7. The Authentication Agent validates the token code and displays the web portal
This way the delivery of token codes is less prone to problems and errors during the authentication process. I personally like this new feature.
René Jorissen
Latest posts by René Jorissen (see all)
- MacOS Big Sur and SSLKEYFILELOG - November 23, 2021
- ClearPass, Azure AD, SSO and Object ID - August 12, 2021
- ClearPass – custom MPSK - July 20, 2021