Secure Mobile Access 12.4 Administration Guide

Configuring the RSA SecurID Authentication Manager

Prerequisites:

  • SMA1000 running 12.4.3 firmware version.

  • You must be running RSA Authentication Manager 8.2 SP1 or later to access this interface. The steps are summarized in this section; see your RSA Security Console documentation for complete details.

To configure RSA SecurID Authentication Manager, do the following

  1. Open the RSA Security Console.

    1. Select Setup > System settings > RSA SecurID Authentication API .

    2. Select the Enable Authentication API check box.

    3. Note the values for the Access ID and Access Key.

    4. (Optional) In the Communication Port field, enter the port number the AMC will use to communicate with the RSA SecurID Authentication API. The default is 5555.

    5. Click Apply Settings. See RSA Authentication Manager Setup configuration guide for more details.

  2. In SMA1000 AMC appliance, navigate to System Configuration > Authentication Servers.

  3. Click New and select RSA Authentication Manager.

  4. In the Name field, type a name for the authentication server profile.

  5. Under the General section:

    1. Enter the host name in RSA SecurID primary host name. It is typically an IP Address or FQDN. The default value of port is 5555.

    2. Enter the host name in RSA SecurID secondary host name. It is typically an IP Address or FQDN. The secondary host name is used only if the primary host cannot be contacted.

    3. Enter the Access ID and Access key copied from RSA Security Console portal. The keys are of 64 characters.

  6. Under the Advanced section:

    1. Enter the Authentication Agent name for the AMC appliance that you configured in the RSA Authentication Manager. Client ID. By default the FQDN is auto filled in text box.

    2. If required change the Request timeout.

      It is the amount of time the connection between AMC appliance server and the RSA server can remain inactive before the session times out. The default is 10 seconds. The minimum is 5 seconds and maximum is 60 seconds.

    3. Enable the Validate RSA server certificate to validate the SSL certificate of the RSA Authentication Manager server. By default it is disabled.

    4. Select Enable HMAC mode to encrypt authentication requests, enabled or configured in RSA Security Console portal.

      The administrator can generate a Hash-based Message Authentication Code (HMAC) that can be used to encrypt authentication requests between SMA1000 and the RSA SecurID Authentication API. The HMAC provides a hash for the request body and an HMAC signature. For more information you can refer to Generate an HMAC for Authentication Agents guide.

  7. Click Save.

  8. Create Realm to add a RSA SecurID Authentication Manager server as a primary or secondary authentication server. For more information refer to Configuring Chained Authentication

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden