RSA Authentication Manager 8.2

2

Over 25,000 customers

50 – 60 million active tokens in circulation

10 million units shipped per year

More than 50% market share

RSA Ready Partner Program: 400 Partners with

Native SecurID Integration

THE undisputed leader in multi-factor auth

• 2016 SC Magazine Awards: Best Authentication

• Reigning Leader, Gartner MQ

3

RSA Authentication Manager 8.2 Key Themes

Seamless

• RSA Via Access SecurID Agent Hub

Secure

• FIPS Inside Compliance

• PCI DSS Compliance

• IPv6 Phase I

Simple

• Provision Once SW Tokens

• Token Expiry Alert

• Dashboard Search Option

• Report Ready Notification

Scalable

• AMBA (Enterprise)

• New Identity Sources

4

Seamless

5

Via Access SecurID Agent Hub (need to purchase RSA Via Access)

SecurID / RSA Via Access

• Via Access Tokencodes for 2FA to

SecurID Agents

– No Change to SecurID Agent

Infrastructure

– Leverage RSA Ready Program

with over 400 Certified Integrations

– PIN or Fingerprint to unlock

Tokencode

• Simplifies Registration and

Provisioning Processes

ORG1

ORG2

HU

ND

RE

DS

OF

AP

PL

ICA

TIO

NS

ON

-PR

EM

AN

D IN

TH

E C

LO

UD

Access Manager

Cloud

On-Premises

SecurID Agents

6

Identity Router

Authentication Manager 8.2

SecurID Agent

Protected Resource

1 User opens Via Access app,

enters PIN or Biometric

Thumbprint to unlock the

Via Tokencode

2 User enters UserID &

Via Tokencode into

SecurID Agent

Username & Via

Tokencode are

passed to AM8.2

3

4 AM8.2 cannot locate

user locally so reaches

out to Trusted Realms

5 IDR locates user

Passes Via Tokencode

to Via Access

6 Via Access validates

Via Tokencode

Returns response

7 User Permitted

or

Denied Access

Via Access SecurID Agent HubHow it Works

Trusted

Realm

SecurID / RSA Via Access

4096 9913

7

Via Access User Experience

User ValidationPull Down the App

Simple End User Enrollment

Set Password

8

Device Registration

Via Access User ExperienceSimple End User Device Registration & Authentication

Multi Factor Auth Create PIN Fingerprint

9

Via Access SecurID Agent Hub Benefits

SecurID / RSA Via Access

Seamless Transition

No Change to Agents

Streamlined Registration & Provisioning Processes

Improves End User

Experience

Lowers Total Cost Of Ownership

10

Simple

11

Improved Software Token Provisioning

“Provision Once” Software Tokens

• Software Tokens provisioned in AM 8.2 expire on the Server side only

meaning software tokens do not need to be re-provisioned!

• Significantly lowers administrative time and overhead to manage and

provision software tokens

Authentication Manager 8.1

TOKEN

EXPIRED Authentication Manager 8.2

5716 8299

AM8.1 and earlier NEW!

12

Email (Admin) for imminent token expiry

Simplifying Administration

User Dashboard search option (User Alias)

Email (Admin) report job completion

Friday, June 17, 2016 5:03 PM.

Improved Search and Notifications

13

Customizable Display Banner

• Customized Logo & Text Displayed

Prior to Login

• User Must Accept Notification

Before Login to AM

• Available on All AM Consoles

– Security Console

– Operations Console

– Self Service

– SSH

Meets Organizations Best Practices

Unauthorized Access is prohibited. If you are authorized

to access this site, please click the Accept button below.

If you are not authorized, please exit this site.

14

Secure & Scalable

15

FIPS 140-2 Compliance Inside

• AM Cipher Suite upgraded to meet NIST/FIPS Compliance*

PCI Compliance

• SSLv3 removal and expanded TLS 1.2 support*

• Strict TLS Mode option

NIST SP 800-131A

• Core / Plumbing Certificates upgradeable to SHA-2

Security Updates

* Does not include Radius and Off-Line Authentication

16

Without AMBA

1. Log into Security Console

2. Add New User & Relevant Info

3. Assign Software token

4. Distribute Software token

• Select token profile

• Select provisioning & delivery options

5. Repeat steps 2 to 4, 99 times

6. …

100. Done

With AMBA*

1. Prepare AMBA Input .csv file with New

User Info & Options

2. Access AM Command Line

3. Invoke AMBA Utility• Run test & verify proper operation

• Execute command

4. Done

Authentication Manager Bulk Administration (AMBA)

Add 100 New Users, Assign & Distribute Software token

* Requires Enterprise License or standalone AMBA license

AMBA Pre-Packaged with Authentication Manager

17

• Appliance Operating System Upgrade

to SUSE 11 SP4

• Qualification of VMware ESXi 6.0

• Open LDAP as an Identity Source

• IPv6 RADIUS Clients

New Platform Support & Qualifications

18

Supported Migration Paths

AM 6.1

All OS Platforms

AM 7.1

All OS Platforms

RSA SecurID

Appliance 2.0

RSA SecurID

Appliance 3.0

AM 8.1 Release

AM 8.2 Release

AM 8.1 SP1

Hyper-V Appliance

AM 8.1 Hardware

Appliance

AM 8.1 VMware

Appliance

AM 8.2

Hyper-V Appliance

AM 8.1 SP1

Hardware /

VMware Appliance

AM 8.2 HW /

VMware Appliance

AM 6.1 EOPS: December, 2015

AM 7.1 EOPS: June, 2016

19

Streamlining Evaluations

• Auto Generates 25 SW Tokens

when 90-day Trial License is

Installed

– Eliminates time-consuming

distribution of Software Token

Media

• One-time Use Extension Code

extends trial by 90 Days

• Auto Deletes Eval License once

Production License is Installed

20

Thank You