1 / 14

RSA SecurID Appliance Setup & Administration

RSA SecurID Appliance Setup & Administration. Michal Červinka SOFT-TRONIK, a.s. michal.cervinka @soft-tronik.cz. More about HW. Intel Pentium 4 Celeron 2.53 GHz Processor. Intel 865G + ICH5 Chipset Intel 2x 1Gigabit & 2x 10/100 Ethernet Controller

arleen
Download Presentation

RSA SecurID Appliance Setup & Administration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. RSA SecurID ApplianceSetup & Administration Michal Červinka SOFT-TRONIK, a.s. michal.cervinka@soft-tronik.cz

  2. More about HW • Intel Pentium 4 Celeron 2.53 GHz Processor. • Intel 865G + ICH5 Chipset • Intel 2x 1Gigabit & 2x 10/100 Ethernet Controller • 512MB DDR400 Memory Module (Support Memory up to 4GB.) • 1x3.5" SATAII 80GB HDD • 1 X Keyboard Port, 1 X VGA Port • 3 X USB 2.0 interface (you can use USB memory dev.) • 3 X Cooling FAN (2 - System / 1 - Power Supply) • Power Supply 350W, Cons. 160W • 1U Rack Mount Form Factor

  3. More about SW • Hardened Windows 2003 Server Standard Edition • RSA Authentication Manager 6.1 • RSA Authentication Agent 6.1 for Windows (local auth.) • RSA Authentication Agent 5.6 for IIS • Web Administration Application • RSA Radius Server 6.1 • SNMP Agent Plug-in

  4. Initial Setup • appliance address displayed on LCD, address your laptop and connect to https://192.168.100.100:8098 • user name administrator and the temporary password [RSAAppliance] (including the brackets) • choose primary / replica setup • go through the QuickSetup wizzard • set date and time • change administrator password • hostname, domainname, IP settings • provide license • import token records • assign token to administrator and test • enable authentication and finish

  5. Understanding Admin Accounts • Administrator – standard admin, always requires token, consumes a license • AdminWebUser – internal (web server) use, don’t change • rsaLocalAdmin – emergency access only • Create more …

  6. Basic Appliance Administration • simple, intuitive web-based administration interface (https://<appliance>:8098) • “Administrator” – instant standard admin account • Token authentication is a “must”

  7. Advanced Appliance Administration • Windows Server administration via RDP over SSL • Traditional Authentication Manager admin tools via RDP over SSL • Traditional AM remote console

  8. Emergency Access • turn-off • connect keyboard+monitor • turn-on • Login as rsaLocalAdmin • run db-admin

  9. Resetting to Factory Defaults • turn off • turn on • on the first beep turn the dial clockwise • You will loose all the upgrades and optional installations

  10. Backup • Online-backup script: c:\authmgr\scripts\rotatebackup.bat • Creates MS .cab file • By default runs once a week (windows scheduler) • Accessible at https://<appliance>:8098/admin/ACE/backup_dwnld.asp

  11. Restore • Copy .cab to the appliance and unpack • Stop AM services • Create empty databases (run sdnewdb.exe) • Load databases (server and log) • Owerwrite sdconf.rec • Create windows admin account if needed • Restart the appliance

  12. Patches and Upgrades • OS • AM components • Download the upgrade bundle, extract • Run setup • Reboot if needed

  13. Monitoring • E-mail Alerts (Event Log) • SNMP Traps • Authentication Manager • Authentication Agent • Radius • Scheduled restart

More Related