You are on page 1of 22

RSA Authentication Manager 7.

{Name} {Date}

Identity Assurance Solutions Whats New in RSA Authentication Manager 7.1

RSA Credential Manager

The Three Pillars of the Release

Extended Authentication Options Business Continuity Options Enhanced Operational Efficiencies

RSA Identity Assurance Solutions

Introduction to RSA Authentication Manager 7.1

What is the Authentication Manager 7.1 release?

Follow on to Authentication Manager 7.0, which was introduced as a proof of concept release The 7.0 release has been out since January 2007

The 7.1 release introduces MAJOR new functionality that impacts the way new and existing customers utilize the solution

New architecture, new features, new GUI, new credentials, new self-service options, new workflow provisioning and more

In all, over 40 new enhancements have been added to this release!!

Three Pillars of Authentication Manager 7.1

Extended Authentication Options Business Continuity Options Enhanced Operational Efficiencies

Support Additional Tokens & Services

Protect Your Organizations Information

Create Compelling ROI Scenarios

Value Propositions for this Release

Eases administration
IT staff spend less time servicing user requests and more time on higher value projects Deployment tools and architectural enhancements match the way the organization does business and streamline credential deployment Credentials can be deployed to a wider audience, and at a much lower cost. New applications for credentials fit the business needs of the organization

Lowers deployment costs

Flexible credentialing methods

Protects against threat of business disruption

Evolving solution protects the information security of the enterprise

Extended Authentication Options

Extended Authentication Options

On-demand Authentication

Dynamic Seed Provisioning

The On-demand Authenticator

A new credentialing method introduced in RSA Authentication Manager 7.1 Requires no hardware or software token

Zero footprint authenticator Delivers one-time tokencode to a users cell phone or e-mail User initiated through a Self Service web module

On-demand Authenticators utilize e-mail or SMS delivery

What is SMS?

Short Message Service

Text messaging Provides a secure connectionless delivery method to an already ubiquitously deployed device the mobile phone Recognized standard and widely available worldwide RSA has formed a relationship with an SMS aggregator Clickatell

It is estimated that worldwide, the number of SMS-capable handsets will exceed 2 billion in 2008 Portio Research

On-demand Authentication: How it Works

OTP Auth User Authentication can Mgr logs then sends onto be self used out Manager to SMS service authenticate message establishes console, with user to requests the identity OTP VPN OTP app
SMS Gateway Provider Internet OK
Secure HTTPS



Home Office Telecom Network

Authentication Manager 7.1

Scenario: Employee working remotely needs access to network via VPN

Applications Enabled with On-demand Authentication

Mobile Employees
The Challenge: Supporting a diverse base of growing users

The Challenge: Finding a secure way to issue and manage credentials to temporary workers The Resolution: Ondemand is a zero footprint authenticator. No more hardware tokens to recover at the end of a contractor assignment

Business Continuity
The Challenge: Maintaining strong security during a business disruption The Resolution: Ondemand stands up a self service module to rapidly on-board users and deploy On-demand credentials in the event of an emergency

The Resolution: Ondemand provides a 24x7 method for supporting occasional workers without issuing hardware or software tokens to every employee

Dynamic Seed Provisioning

Utilizes industry-standard Cryptographic Token Key Initiation Protocol (CT-KIP)

Published as IETF Internet-Draft (RFC 4758)

A client-server protocol that enables more rapid setup of software tokens.

No seed file needs to be sent over the network to the remote user.

This makes the deployment of software tokens smoother and shorten deployment times.

Business Continuity Option

Introducing Business Continuity Option

New licensing feature in Authentication Manager 7.1 Temporarily allows you to expand your Authentication Manager server license to accommodate users during a business disruption or disaster.

A BCO license is purchased for a 3 year term

Purchase in any increment starting at 5 users Each user is an On-demand seat

Can be activated up to 6 times during the license term

Each activation is for 60 days May be self-activated by an administrator through the Authentication Manager Security Console

Enhanced Operational Efficiencies

Enhanced Operational Efficiencies: Top Four

Native LDAP

MMC Snap-In

Web-Based Management

Delegated Admin

What is RSA Credential Manager?

Software module that facilitates the complete management of the user token lifecycle
Provides mechanisms for end users to self initiate and solve all aspects of token usage Enables the on-boarding and binding of users to their credentials through workflow processes Delivers self service mechanisms for emergency access/PIN resets

CM is the replacement for RSA Deployment Manager (Web Express) in Auth Manager 7.1 and beyond

Credential Manager Overview

Provides a self-service mechanism that allows users to request, deploy and activate and trouble-shoot from a Web browser for

PIN changes
Token replacements Emergency PIN resets using One-Time Passwords (OTP)

Automates and dramatically speeds the rollout of RSA SecurID hardware and software authenticators to end users
Saving valuable administrative time Reducing the total cost of ownership

Centrally manages all token form factors: hardware, software and SMS Tightly integrates with Authentication Manager 7.1 and scales to easily meet the needs of both small and large user deployments

Utilizes the same user common data store Accessed within the Auth Manager console

Business Fit Credential Manager benefits your organization by

Dramatically lowering deployment and on-going management costs Increasing productivity of IT staff by freeing up time normally spent answering help desk calls

Delivering business continuity with the enablement of one time password (OTP) authentication methods
Increasing productivity by providing users with mechanisms to perform the most commonly requested features

What is Authentication Manager 7.1?

RSA extends its lead in the two-factor authorization market with a suite of new enhancements. RSA Authentication Manager 7.1 provides Extended Authentication Options delivering a wider breadth of centrally managed credentials, such as the Ondemand (SMS) Authenticator. The Business Continuity Option provides a convenient and flexible global solution for customers to handle business disruptions. Enhanced Operational Efficiencies provide a set of features and applications that simplify management, lower deployment costs and enhance the productivity of your IT staff.

Thank you!