Monday, February 12, 2018

R80.10 Security Management







  1. Global Tool Bar
  2. Session Management Tool Bar
  3. Navigation Tool Bar
  4. System Information Area
  5. Object Bar (F11)
  6. Validation Plane
  7. Command Line Button 
SecurID 

SecurID requires users to both possess a token authenticator and to supply a PIN or password. Token authenticators generate one-time passwords that are synchronized to an RSA ACE/server and may come in the form of hardware or software. Hardware tokens are key-ring or credit card-sized devices, while software tokens reside on the PC or device from which the user wants to authenticate. All tokens generate a random, one-time use access code that changes approximately every minute. When a user attempts to authenticate to a protected resource, the one-time use code must be validated by the ACE/server. 

Using SecurID, the Security Gateway forwards authentication requests by remote users to the ACE/server. For administrators, it is the Security Management Server that forwards the requests. ACE manages the database of RSA users and their assigned hard or soft tokens. The gateway or the Security Management Server act as an ACE/Agent 5.0 and direct all access requests to the RSA ACE/server for authentication. For additional information on agent configuration, refer to ACE/server documentation. There are no specific parameters required for the SecurID authentication method.



Configuring a SecurID Server for Administrators

These instructions show how to configure a SecurID server for SmartConsole administrators. To learn how to configure a SecurID server, refer to the vendor documentation. To configure the Security Management Server for SecurID: 
1. Connect to the Security Management Server. 
2. Copy the sdconf.rec file to the /var/ace/ folder If the folder does not exist, create the folder. 
3. Give the sdconf.rec file full permissions. Run: chmod 777 sdconf.rec 

To configure a SecurID Server for a SmartConsole administrator: 
1. In SmartConsole, click Objects > More Object Types > Server > More > New SecurID. 
2. Configure the SecurID Properties: 
     a) Give the server a Name. It can be any name. 
     b) Click Browse and select the sdconf.rec file. This must be a copy of the file that is on the           Security Management Server. 
c) Click OK. 
3. Add a new administrator: 
   a) Go to Manage & Settings > Permissions & Administrators > Administrators.
   b) Click New. The New Administrator window opens. 
   c) Give the administrator a name. 
   d) Assign a Permission Profile. 
   e) In Authentication method, select SecurID. 
4. In the SmartConsole Menu, click Install Database








Posted by at