Re: RSA SecurID for Microsoft Windows & RWW

Susan Bradley [SBS MVP] <sbrad...@xxxxxxxxxxx> declared that RSA's
SecurID 2FA infrastructure "Won't hook into RWW."

I don't doubt the SBS Diva; and I don't have immediate access to a
SBS/RWW box -- but I'm unclear why RSA's Authentication Agent for Web
won't handle Remote Web Workplace. (I have always assumed that the RWW
portal was SharePoint-based, is that not true?)

In any case, from my discussions with RSA's product managers, I know
that RSA is committed to support SBS -- so if there is a problem, it
will be addressed.

I'm a long-term consultant to RSA. I'll report back here with feedback
from RSA; an explanation of the problem; and (if necessary) a timetable
for a fix.

Dave Nickason [SBS MVP] added:
> There are other products that work similarly to RSA. The negative to RSA is
> that it starts at a 25 user license, and they only support it on a dedicated
> server. IMO really cost prohibitive for a small business. Most of these
> 3rd party products are RADIUS servers, so you can try searching that.

Last fall, Sue Bradley approached RSA with a request that the RSA
SecurID be repackaged for small and medium size businesses. After some
exchanges between Ms. Bradley and several RSA executives, RSA
responded in February, when it announced its new SecurID Appliance --
an 1U rackmounted device which runs RSA's Authentication Manager on a
hardened Microsoft Windows 2003 Server -- with a new ten-token minimum
starter package, and a series of bundled solutions for up to 250 users.

(See: <http://www.rsasecurity.com/node.asp?id=2807&node_id=>.)

SC Magazine has just announced that the SecurID Appliance is one of the
five products (and the only one in its class) that SC readers have
chosen as finalists for the 2006 Security Product of the Year for Small
and Medium Size Enterprises.

No one is going to claim that this is a product for everyone, but the
RSA SecurID infrastructure offers a trusted core of two-factor
authentication (2FA), an array of AES-based hardware SecurID tokens and
token-emulation apps (for PDAs and phones) which fit a spectrum of
security and regulatory requirements; and an unparalleled list of over
300 networked devices and applications, from independent 3rd party
vendors, for which out-of-the-box SecurID compatibility has been tested
and certified.

With enhancements to its basic SecurID infrastructure, RSA can also
extend 2FA requirements to cover DCs and logon for all networked XP
workstations and laptops (even when they are temporarily off the
network) with RSA's SecurID for Windows; offer SSO throughout most of
an enterprise with RSA's Sign-On Manager (SOM); and reach out to
trusted suppliers, customers, or alliance partners with the RSA's
Federation Manager (FIM).

With over 19,000 SecurID installations worldwide, over 1,000
development partners, and over a billion applied crypto apps in the
field, RSA has built up a lot of trust and credibility among enterprise
customers and IT professionals. It invests in its products, tries to
listen to its customers, and works hard to maintain that trust. As the
demand for 2FA continues to expand into new environments, RSA and key
partners last year began publishing the One-Time Password (OTP)
Specificiations, a series of standardized templates and guidelines for
safely and efficiently integrating OTPs into a variety of applications.


I append some URLs that some SBS admins, and others, might find
informative:

RSA SecurID Appliance:
<http://www.rsasecurity.com/node.asp?id=2807&node_id=>
RSA Authentication Agent Software:
<http://www.rsasecurity.com/node.asp?id=1174>
RSA SecurID Authenticators:
<http://www.rsasecurity.com/node.asp?id=1157>
RSA Sign-On Manager: <http://www.rsasecurity.com/node.asp?id=2541>
RSA SecurID for MS-Windows:
<http://www.rsasecurity.com/node.asp?id=1173>
RSA FIM: <http://www.rsasecurity.com/node.asp?id=1191>
RSA Secured Partner Solutions Directory:
<http://rsasecurity.agora.com/rsasecured/results.asp?product_program=107>
The One-Time Password Specifications (OTPS):
<http://www.rsasecurity.com/rsalabs/node.asp?id=2816>

Suerte,
_Vin

.

Relevant Pages

  • Re: RSA secureID
    ... demand two-factor authentication: the user's memorized PIN, ... the ISA support docs for installing ACE/SecurID, ... RSA, over the past 15 years, ... them certified as "SecurID Ready" out of the box. ...
    (microsoft.public.platformsdk.security)
  • Re: Recommendation for a good two-factor authentication product
    ... two-factor authentication solution that meets the following ... customer support is severely lacking) ... Since DLN asked specifically about the RSA story, ... SecurID with RSA's Local Authentication Client. ...
    (microsoft.public.windows.server.security)
  • Re: Recommendation for a good two-factor authentication product
    ... two-factor authentication solution that meets the following ... customer support is severely lacking) ... Since DLN asked specifically about the RSA story, ... SecurID with RSA's Local Authentication Client. ...
    (microsoft.public.windows.server.security)
  • Re: Configuring RSA Securid on ISA 2004 server
    ... > authenticate to website using the RSA Securid. ... Microsoft's ISA Server 2004 supports the native SecurID ... also install RSA's ACE/Agent for Windows. ... This is a major advance in the integration of RSA's authentication ...
    (microsoft.public.isa.configuration)
  • [NEWS] RSA SecurID ACE Agent Cross Site Scripting
    ... RSA SecurID provides authentication and access control using the RSA ... The RSA ACE/Agent allows sites to protect web resources by requiring RSA ...
    (Securiteam)