RSA Authentication Manager 7.1 Installation and Configuration Guide

More documents

Recommendations

Info

RSA Authentication Manager 7.1 Installation and Configuration Guide Port Number Protocol Service Description RSA Authentication Manager Microsoft Management Console snap-in 7004 TCP RSA Authentication Manager proxy server RSA Self-Service Console proxy server/SSL RSA Authentication Manager Microsoft Management Console snap-in proxy server 7006 TCP RSA Authentication Manager administration channel 7008 TCP RSA Authentication Manager administration server 7012 TCP RSA Authentication Manager administration channel 7014 TCP RSA Authentication Manager proxy server administration channel Used for SSL-encrypted connections. Used for load balancing of administration in an instance with multiple server nodes. This port is used for SSL connections. Used for communication from users to Authentication Manager for requests and maintenance tasks. This port is used for SSL connections. Used for load balancing of administration in an instance with multiple server nodes. This port is used for SSL connections. Internal use only. Internal use only. Internal use only. Internal use only. 7022 TCP Network access point Used for mutually authenticated SSL-encrypted trusted realm connections. 7071 TCP RSA Operations Console Used for non-SSL connection. 7072 TCP RSA Operations Console Used for SSL connections. 7082 TCP RADIUS configuration SSL Used for configuration changes to the RADIUS back-end server. 18 1: Preparing for Installation
RSA Authentication Manager 7.1 Installation and Configuration Guide Supported RSA Authentication Agents You install RSA Authentication Agents on the resources that you want to protect, such as local computers, terminal servers, and web servers. Authentication agents receive authentication requests and forward them to Authentication Manager through a secure channel. Based on the response from Authentication Manager, agents either allow the user to log on or deny the user access. To download compatible Authentication Agents from the Authentication Agent software page, go to https://www.rsa.com/node.aspid=1174. Licensing Before you install Authentication Manager, make sure that you have a valid Authentication Manager license close at hand. RSA provides the license files separately from your RSA Authentication Manager 7.1 DVD or download kit. The license allows you access to certain functionality and limits the number of users that can be registered. The license file is accompanied by a server key and certificate that are used to verify (authenticate) the identity of the server. Maintaining Accurate System Time Settings RSA Authentication Manager relies on standard time settings known as Coordinated Universal Time (UTC). The time, date, and time zone settings on computers running Authentication Manager must always be correct in relation to UTC. Make sure that the time on the computer on which you are installing Authentication Manager is set to the local time and corresponds to the UTC. For example, if UTC is 11:43 a.m. and Authentication Manager is installed on a computer in the Eastern Standard Time Zone in the United States, make sure that the computer clock is set to 6:43 a.m. This differs during Daylight Saving Time. To get the correct UTC in the United States, go to www.time.gov or the national time service provided in your country. Synchronizing Clocks RSA requires that all Authentication Manager instances and standalone RADIUS servers have their time synchronized to the same NTP server. In the absence of a reliable external time source, Authentication Manager will make a best effort attempt to synchronize the clock on each instance. Even with these controls, time drift may still exceed acceptable levels. Having a different time on several Authentication Manager instances can result in authentication failures and problematic replication behavior. Note: If you use VMware, you must link the host to an NTP server and the guest OS to the same NTP server. 1: Preparing for Installation 19
Page 1 and 2: RSA Authentication Manager 7.1 Inst
Page 7: RSA Authentication Manager 7.1 Inst
Page 68 and 69:
RSA Authentication Manager 7.1 Inst
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117:
Page 120 and 121:
Page 122 and 123:
Page 125 and 126:
Page 127 and 128:
Page 129:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203:
show all

RSA Authentication Manager 7.1 Installation and Configuration Guide

Create successful ePaper yourself

Delete template?

Save as template?