RSA Authentication Manager 6.1 Administrator's Guide - The Ether ...

More documents

Recommendations

Info

RSA Authentication Manager 6.1 Administrator’s GuideImportant Administrative ToolsSystem Design ToolsThe following features will help you manage your RSA Authentication ManagerAgent Hosts, tokens, and users more efficiently.Open Agent HostsOpen Agent Hosts are supported for all Agent types. If an Agent Host is “open,” usersare not required to be directly activated on the Agent Host or to be members of agroup activated on the Agent Host. Any user registered in your AuthenticationManager database can be authenticated on an open Agent Host. For more information,see “Agent Host/Authentication Manager Architecture” on page 23.Note: If you plan to use RSA Authentication Agent 6.0 or 6.1 to enable offlineauthentication, and you want only some users to have this capability, you can controlthis on an Agent Host basis. In this case, you would not want to use an open AgentHost. Offline authentication (and related) capabilities are discussed in more detail in“Setting Up Offline Authentication and Password Integration” on page 59.Automated Agent Host Registration and UpdatingAutomated Agent Host registration and updating reduces administrative overhead byenabling new Agent Hosts to register themselves with the Authentication Managerand by enabling existing Agent Hosts to automatically update their own IP addressesand sdconf.rec files. See “Automated Agent Host Registration and Updating” onpage 65.Consolidated LoggingAll log messages are consolidated to the Primary. When activity on a Replicagenerates a log message, the message is eventually sent to the Primary and logged inthe Primary log database. During heavy periods of authentication, consolidation ofthese delta records to the Primary database have a lower priority, but eventually areconsolidated.External AuthorizationYou can use External Authorization to apply additional criteria before users can accessnetwork resources. External Authorization criteria supplement RSA AuthenticationManager authentication—they do not replace it. See “Customizing YourAuthorization Procedures” on page 216.Report Creation UtilityYou can run standard reports (reports that cannot be modified or removed) and youcan create and run custom reports. Audit trail reports are run against the sdlogdatabase. Token statistic reports are run against the sdserv database. For moreinformation, see “RSA Authentication Manager Report Creation Utility (Windows)”on page 174 or “RSA Authentication Manager Report Creation Utility (UNIX)” onpage 183.34 2: Using RSA Authentication Manager Administration Applications
RSA Authentication Manager 6.1 Administrator’s GuideCustom QueriesThe Custom Queries capability enables you to use provided sample SQL queries, or tocreate your own queries, to gather and view data from the RSA AuthenticationManager log and user databases. For complete information, see “Creating andRunning Custom SQL Queries” on page 193.Administrative Support ToolsRSA Authentication Manager Control PanelFrom the RSA Authentication Manager Control Panel, you can start and stop theRSA Authentication Manager services, view installation information, and performvarious maintenance tasks, depending on what type of installation you are on. Toaccess the RSA Authentication Manager Control Panel, click Start > Programs >RSA Security RSA Authentication Manager Control Panel. For information aboutindividual tasks, see the Administrator’s Guide, the Windows Installation Guide, andthe Help.Batch Token ReplacementWith Batch token replacement you can replace tokens for large groups of usersefficiently (for example, users whose tokens are about to expire). For moreinformation, see the Help topic, “Replacing Many Tokens Using a Batch Procedure.”RSA SecurID Software Token ManagementYou can issue and revoke RSA SecurID software tokens through the Token menu. Asoftware token is a software-based security token that resides on a user’s computer.For more information, see the Help topic, “Issuing Software Tokens.”Automated Log Database MaintenanceThrough scheduling and definition options, you can configure the RSA AuthenticationManager to delete and archive log records. Regular backups and maintenance takeplace automatically according to the schedule and methods that you specify. For moreinformation, see “Scheduling Automated Log Database Maintenance” on page 157.Temporary PasswordsIf a user loses a token, you can assign a temporary password to use until you assignand deliver a new token to the user. For more information, see “Temporary Passwordsto Replace Lost Tokens” on page 128.Remote AdministrationWith Remote Administration you can administer RSA Authentication Managerdatabases without being directly connected to them. The Remote Administrationsoftware runs on Windows 2003 Server, Windows XP Professional, andWindows 2000 (Advanced, Server, and Professional) machines.With Remote Administration you can administer Windows or UNIX databases in yourlocal realm or in registered remote realms. For more information, see “RemoteAdministration” on page 40.2: Using RSA Authentication Manager Administration Applications 35
Page 1 and 2: RSA Authentication Manager 6.1Admin
Page 3: RSA Authentication Manager 6.1 Admi
Page 6 and 7: RSA Authentication Manager 6.1 Admi
Page 84 and 85:
RSA Authentication Manager 6.1 Admi
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
Page 148 and 149:
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 214 and 215:
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
Page 222 and 223:
Page 224 and 225:
Page 226 and 227:
Page 228 and 229:
Page 230 and 231:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245:
Page 248 and 249:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
Page 257 and 258:
Page 259 and 260:
Page 261:
Page 264 and 265:
Page 266 and 267:
Page 268 and 269:
Page 270 and 271:
Page 272 and 273:
Page 274 and 275:
Page 277 and 278:
Page 279 and 280:
Page 281 and 282:
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
Page 291 and 292:
Page 293 and 294:
Page 295 and 296:
Page 297 and 298:
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Page 317 and 318:
Page 319 and 320:
Page 321 and 322:
Page 323 and 324:
Page 325 and 326:
Page 327 and 328:
Page 329 and 330:
Page 331 and 332:
Page 333 and 334:
Page 335 and 336:
Page 337 and 338:
Page 339 and 340:
Page 341 and 342:
Page 343 and 344:
Page 345 and 346:
Page 347 and 348:
Page 349 and 350:
Page 351 and 352:
Page 353 and 354:
Page 355 and 356:
Page 357 and 358:
Page 359 and 360:
Page 361 and 362:
Page 363 and 364:
Page 365 and 366:
Page 367 and 368:
Page 369 and 370:
Page 371 and 372:
Page 373 and 374:
Page 375 and 376:
Page 377 and 378:
Page 379 and 380:
Page 381 and 382:
Page 383 and 384:
Page 385 and 386:
Page 387 and 388:
Page 389 and 390:
Page 391 and 392:
Page 393 and 394:
Page 395 and 396:
Page 397 and 398:
Page 399 and 400:
Page 401 and 402:
Page 403 and 404:
Page 405 and 406:
Page 407 and 408:
Page 409 and 410:
Page 411 and 412:
Page 413 and 414:
Page 415 and 416:
Page 417 and 418:
Page 419 and 420:
Page 421 and 422:
Page 423 and 424:
Page 425 and 426:
Page 427 and 428:
Page 429 and 430:
Page 431:
Page 434 and 435:
Page 437 and 438:
Page 439 and 440:
Page 441 and 442:
Page 443 and 444:
Page 445 and 446:
show all

RSA Authentication Manager 6.1 Administrator's Guide - The Ether ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?