Skip to main content

RSA Secure ID

RSA SecurID ( “SecurID”) is a two-factor authentication technology that is used to protect network resources.  The authentication is based on two factors -- something you know (a password or PIN) and something you have (an authenticator).  The authenticator is typically a hardware token (such as a USB token, smart card or key fob) and the software token is the RSA Authentication Manager Software that provides the security engine used to verify authentication requests.

How RSA Secure ID Works
When a user attempts to access a protected resource, he is prompted for a unique passcode. The passcode is a combination of their user’s PIN and the code that is displayed on the authenticator token at the time of log in.
The user ID and pass code are intercepted by the RSA Authentication Agent and presented to the RSA Authentication Manager software which validates the pass code.  The RSA SecurID system computes what number the token is supposed to be showing at that moment in time, checks it against what the user entered, and makes the decision to allow or deny access.

RSA SecurID authenticators help organizations protect private information and assure identities of people, devices and applications exchanging that information. They are designed to fit seamlessly into the existing business infrastructures of over 30,000+ organizations worldwide. With over 25 years of outstanding performance and innovation, the RSA SecurID solution remains an industry standard for organizations which want to protect key business data assets. RSA SecurID authenticators provide organizations with:

– Strong network security,
– Reliable authentication,
– Convenient solutions for end-users and
– A choice of form factors and options.

Hardware Authenticators
The RSA SecurID hardware token comes in a variety of convenient models that all generate and display new codes every 60 seconds.



Software Authenticators
RSA SecurID software tokens use the same algorithm as RSA SecurID hardware tokens  while eliminating the need for users to carry dedicated hardware devices. Instead of being stored in hardware, the symmetric key is safeguarded securely on the user’s PC, smart phone or USB device.
RSA SecurID software authenticators reduce the number of items a user has to manage for safe and secure access to corporate assets. Software tokens can help the enterprise cost-effectively manage secure access to information and streamline the workflow for distributing and managing two-factor authentication for a global work force. Additionally, software tokens can be revoked and recovered when someone leaves the company or loses a device, eliminating the need to replace tokens.




Labels:

Comments

Post a Comment

Popular posts from this blog

Basic Rules of Checkpoint Firewall

Managing the Firewall Rule Base: Explicit and Implied Rules These are the types of rules in the Rule Base: Explicit rules - Rules that you create to configure which connections the Firewall allows Implied rules - Rules that are based on settings in the Global Properties menu Implied rules allow connections for different services that the Security Gateway uses. For example, the Accept Control Connections option allows packets that control these services: ·          Installing the security policy on a Security Gateway ·          Sending logs from a Security Gateway to the Security Management server ·          Connecting to third party applications, such as RADIUS and TACACS authentication servers Order of Rule Enforcement: Make sure that you understand the importance of the order of rule enforcement to maximize the security of the Firewall. The Firewall always enforces the first rule that matches a connection. It does not enforce later rules tha
Post a Comment
Read more

ASA TCP Connection Flags

When troubleshooting TCP connections through the ASA, the connection flags shown for each TCP connection provide a wealth of information about the state of TCP connections to the ASA. This information can be used to troubleshoot problems with the ASA, as well as problems elsewhere in the network. Here is the output of the show conn protocol tcp command, which shows the state of all TCP connections through the ASA. These connections can also be seen with the show conn command. ASA# show conn protocol tcp 101 in use, 5589 most used TCP outside 10.23.232.59:5223 inside 192.168.1.3:52419, idle 0:00:11, bytes 0, flags saA TCP outside 192.168.3.5:80 dmz 172.16.103.221:57646, idle 0:00:29, bytes 2176, flags UIO TCP outside 10.23.232.217:443 inside 192.168.1.3:52427, idle 0:01:02, bytes 4504, flags TCP outside 10.23.232.217:5223 inside 192.168.1.3:52425, idle 0:00:10, bytes 0, flags saAUIO TCP outside 10.23.232.57:5223 inside 192.168.1.3:52412, idle 0:00:23, bytes 0, flag
Post a Comment
Read more

How to Set Up an IPSec Tunnel On PAN-OS - Palo Alto Firewalls

Set Up an IPSec Tunnel  The IPSec tunnel configuration allows you to authenticate and/or encrypt the data (IP packet) as it traverses across the tunnel.  If you are setting up the Palo Alto Networks firewall to work with a peer that supports policy-based VPN, you must define Proxy IDs. Devices that support policy-based VPN use specific security rules/policies or access-lists (source addresses, destination addresses and ports) for permitting interesting traffic through an IPSec tunnel. These rules are referenced during quick mode/IKE phase 2 negotiation, and are exchanged as Proxy-IDs in the first or the second message of the process. So, if you are configuring the Palo Alto Networks firewall to work with a policy-based VPN peer, for a successful phase 2 negotiation you must define the Proxy-ID so that the setting on both peers is identical. If the Proxy-ID is not configured, because the Palo Alto Networks firewall supports route-based VPN, the default values used as Proxy-ID are source
Post a Comment
Read more