Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

RSA integration for security devices

Posted on 2013-12-05
9
Medium Priority
?
294 Views
Last Modified: 2014-05-04
Hi Team,

Is possible to integrate the following devices with RSA 7.1?

1) f5 devices

2)HP Tipping point IPS

3)Algosec Firewall Analyzer

4) edmz  PAR

5) Symantec NAC hardware devices

6) Proofpoint mail gateway
0
Comment
Question by:TanSal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39700994
In what way? The logins to these devices for administration? An F5 is a load-balancer, so the web servers aren't going to need RSA...
The IPS, FW analyzers... Seems like you want the login's for the administration of that devices to use 2-factors?
looks like the F5's do http://www.f5.com/pdf/deployment-guides/rsa-firepass-dg.pdf
You'll probably want to search for the others or contact them.
-rich
0
 

Author Comment

by:TanSal
ID: 39701189
Hi Rich,

Yes, login to these devices for administration. Is our clients requirement that all network security devices should login via RSA token or 2-factor authentication. We are using RSA 7.1 vesrion. I have added Cisco, checkpoint and Juniper firewalls. But for rest of the devices I need your help.

Tan
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39701527
That's going to be hard, it's up to the makers of those products, not RSA, to work with second factors. The client should be made aware that 2-factor isn't the end-all-be-all to login threats or account forcing. Many of these services simply rely on a cookie once the user has authenticated, and if someone were to steal the cookie, they'd be logged in as the person too. If the interface's aren't using HTTPS or some other encrypted tunnel the data is still plain-text over the network. There are many more factors to secure communications than the authentication or 2-factor authentication part.
http://www.experts-exchange.com/Security/Misc/A_12368-Two-Factor-Authentication-Added-layers-are-not-always-added-security.html

It's a good goal to have, however, it's not practical to say all logins have to be this way, there can be compensating controls that are in fact better than 2FA. But if they have no vision or flexibility then the goal is doomed to fail.
-rich
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:TanSal
ID: 39709021
Hi Rich,

In our  clients network we are using triton  websense version 7.7. Is it possible to integrate version 7.7 with RSA. If we upgrade to 7.8 surely it  support  RSA. my concerns is it required to make any changes in websense server means create RSA agent for for websense.Please help.

Regards
tan
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39709520
I don't have those products other than RSA, I'd write to your vendor's and ask them directly how they can support 2FA, most of them probably won't :( It's an odd requirement when there are probably other compensating controls that can be done to also provide authenticity of a login. There can be firewall rules on the host or network that only allows access from certain IP's or Workstations. Add to that, the workstations only allow certain users to login to them. There is IPSEC tunneling that can also prove someone is who they say they are before being able to login to a portal to make changes. It's a too rigid to HAVE TO HAVE RSA, I do not think that is going to work out in the majority of cases.
-rich
0
 

Author Comment

by:TanSal
ID: 39743193
Hi Rich,

Any update?

tan
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 1000 total points
ID: 39743452
I have not written to your product vendors to see if they support RSA, I'd suggest you ask them directly and for you're points on this question to be refunded. Use the Request Attention button.
-rich
0
 

Author Comment

by:TanSal
ID: 39781619
Thanks for your confirmation. I have some doubts on RSA

-tan
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39782010
Again it's not just RSA, it's 2-factor altogether. It's not a typical requirement I've seen for administration tools. but your vendors may be able to tell you better who they possibly integrate with.
-rich
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
While opting for any web-to-print solution, you need to discuss with your team and some of your end users and know their opinions about your decisions. In this article we list down some questions you need to ask yourself.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question