Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

RSA integration for security devices

Posted on 2013-12-05
9
287 Views
Last Modified: 2014-05-04
Hi Team,

Is possible to integrate the following devices with RSA 7.1?

1) f5 devices

2)HP Tipping point IPS

3)Algosec Firewall Analyzer

4) edmz  PAR

5) Symantec NAC hardware devices

6) Proofpoint mail gateway
0
Comment
Question by:TanSal
  • 5
  • 4
9 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39700994
In what way? The logins to these devices for administration? An F5 is a load-balancer, so the web servers aren't going to need RSA...
The IPS, FW analyzers... Seems like you want the login's for the administration of that devices to use 2-factors?
looks like the F5's do http://www.f5.com/pdf/deployment-guides/rsa-firepass-dg.pdf
You'll probably want to search for the others or contact them.
-rich
0
 

Author Comment

by:TanSal
ID: 39701189
Hi Rich,

Yes, login to these devices for administration. Is our clients requirement that all network security devices should login via RSA token or 2-factor authentication. We are using RSA 7.1 vesrion. I have added Cisco, checkpoint and Juniper firewalls. But for rest of the devices I need your help.

Tan
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39701527
That's going to be hard, it's up to the makers of those products, not RSA, to work with second factors. The client should be made aware that 2-factor isn't the end-all-be-all to login threats or account forcing. Many of these services simply rely on a cookie once the user has authenticated, and if someone were to steal the cookie, they'd be logged in as the person too. If the interface's aren't using HTTPS or some other encrypted tunnel the data is still plain-text over the network. There are many more factors to secure communications than the authentication or 2-factor authentication part.
http://www.experts-exchange.com/Security/Misc/A_12368-Two-Factor-Authentication-Added-layers-are-not-always-added-security.html

It's a good goal to have, however, it's not practical to say all logins have to be this way, there can be compensating controls that are in fact better than 2FA. But if they have no vision or flexibility then the goal is doomed to fail.
-rich
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:TanSal
ID: 39709021
Hi Rich,

In our  clients network we are using triton  websense version 7.7. Is it possible to integrate version 7.7 with RSA. If we upgrade to 7.8 surely it  support  RSA. my concerns is it required to make any changes in websense server means create RSA agent for for websense.Please help.

Regards
tan
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39709520
I don't have those products other than RSA, I'd write to your vendor's and ask them directly how they can support 2FA, most of them probably won't :( It's an odd requirement when there are probably other compensating controls that can be done to also provide authenticity of a login. There can be firewall rules on the host or network that only allows access from certain IP's or Workstations. Add to that, the workstations only allow certain users to login to them. There is IPSEC tunneling that can also prove someone is who they say they are before being able to login to a portal to make changes. It's a too rigid to HAVE TO HAVE RSA, I do not think that is going to work out in the majority of cases.
-rich
0
 

Author Comment

by:TanSal
ID: 39743193
Hi Rich,

Any update?

tan
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 39743452
I have not written to your product vendors to see if they support RSA, I'd suggest you ask them directly and for you're points on this question to be refunded. Use the Request Attention button.
-rich
0
 

Author Comment

by:TanSal
ID: 39781619
Thanks for your confirmation. I have some doubts on RSA

-tan
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39782010
Again it's not just RSA, it's 2-factor altogether. It's not a typical requirement I've seen for administration tools. but your vendors may be able to tell you better who they possibly integrate with.
-rich
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SharePoint 2013 6 57
Windows 10 4 71
Encryption of server 7 153
Edit a page at wix.com 8 67
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
This video teaches users how to migrate an existing Wordpress website to a new domain.
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question