Securing Your Future with Two-Factor Authentication
RSA SecurID® two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator) providing a much more reliable level of user authentication than reusable passwords. It offers a unique, time-synchronous solution that automatically changes the user’s password every 60 seconds. This makes the solution more secure than event-synchronous systems with passwords that can be valid for an indefinite period of time and easier to use than challenge-response systems that require multiple steps to generate a valid code.
RSA Security offers enterprises a wide range of user authentication options to help positively identify users before they interact with mission-critical data and applications through:
- VPNs & WLANs
- Intranets & extranets
- Microsoft® Windows® desktops
-
Web servers
- Other network resources
They are designed to fit seamlessly into the existing e-business infrastructures of over 21,000 customers worldwide. With a 20-year history of outstanding performance and innovation, RSA Security’s authentication solutions remain an industry standard for organizations looking to protect their key business data assets.
Authentication Manager
RSA Authentication Manager software is the management component of the RSA SecurID solution, used to verify authentication requests and centrally administer user authentication policies for access to enterprise networks. Working in conjunction with RSA SecurID authenticators and RSA Authentication Agent software, the solution provides two-factor user authentication that protects access to more VPN's, wireless networks, web applications, business Windows operating system, applications and operating environments, including the Microsoft than any other system available today.
SecurID® Authenticators
 |
RSA SecurID® hardware tokens provide "hacker-resistant" two-factor authentication, resulting in easy-to-use and effective user identification. Based on RSA Security’s patented time synchronization technology, this authentication device generates a simple, one-time authentication code that changes every 60 seconds. |
 |
To access resources protected by the RSA SecurID system, users simply combine their secret Personal Identification Numbers (PIN’s) (something they alone know) with the token codes generated by their authenticators (something they have). The result is a unique, one-time-use passcode that is used to positively identify, or authenticate, the user. If the code is validated by the RSA SecurID system, the user is granted access to the protected resource. If it is not recognized, the user is denied access. |
 |
No interaction with the user desktop is required—that is, you don't have to install or maintain any software. Equally important, you are not required to program tokens. They are ready to use out of the box. In addition, RSA SecurID hardware authenticators are manufactured and sealed with an integral lifetime battery. No user maintenance or battery replacement is required. As a result, this authentication solution is as easy to deploy and administer as it is to use. |
 |
RSA SecurID software tokens support the same algorithms as the industry-leading RSA SecurID hardware authenticators, including the industry-standard AES algorithm. Instead of being stored in an RSA SecurID hardware authenticator, the symmetric key (or "seed record") is safeguarded securely on the user’s desktop, laptop, PDA, handheld, or mobile phone. RSA SecurID symmetric keys may also be stored on smart card and USB devices and used in conjunction with the RSA SecurID software token on the user’s desktop. |
New Features within version 7.1
Enhanced Operational Efficiencies
RSA Authentication Manager 7.1 includes a suite of requested features that make the solution easier to manage, lowers total cost of ownership and leverages existing IT resources.
Native LDAP Support
The release delivers true native LDAP support for direct integration with Sun One™ and Active Directory®. No more synchronization. Multiple identity sources can serve as the data stores. Native LDAP requires no change to the database schema.
Web-based Management
The new administration interface is browser-based and is zero-footprint, meaning that no client software is required to be installed on the admin PC. RSA Authentication Manager 7.1 can be remotely administered from any PC with a browser and Internet connection.
Delegated Multi-level Administration
This enables granular administrative access control down to a user/group and policy level. It maximizes administration resource investment and delivers increased security by ensuring that fewer individuals hold the "keys to the kingdom."
Clustering of Servers
Clustering enables the grouping of server nodes together to appear as one. This is an easy, inexpensive way to increase scalability and performance. It also increases resilience by providing additional fail-over, ensuring maximum up-time. ** available on the enterprise server license only **
Microsoft® Management Console (MMC) Snap-in
For customers already using MMC as their primary management utility, this plug-in provides consistency and added ease of use. Through MMC, admins can perform a variety of basic user and token management tasks, such as assigning or disabling a token to a user.
RSA® Credential Manager
The replacement for RSA® Deployment Manager (Web Express), RSA Credential Manager is tightly coupled with the management interface of Authentication Manager, requires no separate install and delivers a range of functionality beyond what Deployment Manager produced. These are:
- Self Service. A configurable self-service console is available for end users to request a variety of services, including issuing On-demand token codes for emergency access. The Self Service module can dramatically reduce the call volume into the IT help desk because users are empowered to manage all aspects of their token lifecycles.
- Workflow Provisioning. Administrators can create processes by which requestors are approved and credentials are issued (available with Enterprise Server License)
