Category: Security

Configuration Example, Security

Restore RSA 7.1 primary database and RADIUS config

René Jorissen on June 30, 2010 2 Comments • Tags: #configutil #database #instance #on-demand #primary #radius #replica #restore #rsa #rsautil

A few days ago I was troubleshooting a problem with an ISA array after upgrading the VMware environment as you can read in this article. I had a same kind of problem with a RSA environment. After upgrading the VMware Tools and the Virtual Hardware, the RSA database didn’t start anymore. RSA noticed to much … Read More

Security

Windows LDAPS expired

René Jorissen on June 17, 2010 0 Comments • Tags: #authority #certificate #certsrv #expired #ldaps #windows

A lot of appliances and/or security solutions use LDAP to synchronize users from an Active Directory or an eDirectory environment. Active Directory is LDAP enabled by default. If you would like to harden your network,  you would like to use LDAPS. LDAPS is a term to refer to LDAP communication over SSL. Intercepted LDAPS traffic … Read More

Security

RSA AM 7.1SP3 Token Delivery

René Jorissen on April 28, 2010 0 Comments • Tags: #agent #authenticate #automatically #deliver #delivery #on-demand #rsa #token

Using two-factor authentication is common when publishing remote services to the internet with components like Citrix NetScaler or Juniper SA appliances. RSA is a well-known provider of two-factor authentication mechanism. Beginning with RSA Authentication Manager 7.1 people have the ability to use the On-Demand feature. This feature enables the delivery of token codes via SMS … Read More

Security

User expiration with RSA AM 7.1

René Jorissen on April 8, 2010 1 Comment • Tags: #rsa

I noticed some differences in the user expiration between RSA Authentication Manager 7.1 and RSA Authentication Manager 7.1 SP2. When assigning a token to an user in RSA AM7.1, the user automatically gets an expiration date set on its user account. The default expiration date is one year. I cannot reproduce this same symptom with … Read More

Proxy, Security

Problem running ISA en IAS on the same server

René Jorissen on March 19, 2010 3 Comments • Tags: #default #ias #isa #isaserverdefaultpolicy #policy #same #server

Today I had some problems running ISA 2004 en IAS on the same server. At the beginning the customer was running ISA 2000 and IAS on the same server without any problems. By incident, the customer was forced to upgrade his ISA. They had a 2004 license, so ISA 2004 it was. I noticed that … Read More

Security

Geotrust 2048 bit Root Migration

René Jorissen on March 11, 2010 0 Comments • Tags: #2048 #bit #geotrust #migration #root

Today I read about Geotrust upgrading their public root certificate from 1024-bit to 2048-bit. Geotrust is upgrading the root certificate with the following reason. This change is in line with industry best practices that GeoTrust follows to ensure the highest level of security for customers. The move to 2048-bit root keys is an industry-wide initiative. … Read More