Migrating to RSA Authentication Manager Version 8.1

Similar documents
SonicWALL SRA Virtual Appliance Getting Started Guide

Risk Based Authentication and AM 8. What you need to know!

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware

RSA Authentication Manager 8.1 Virtual Appliance Getting Started

RSA Authentication Manager 8.1 Setup and Configuration Guide. Revision 2

Installing and Using the vnios Trial

SSL VPN. Virtual Appliance Installation Guide. Virtual Private Networks

AppGate XDP v2.0 Installation from ISO into Virtual Box Hypervisor

Setup Cisco Call Manager on VMware

RSA Authentication Manager 7.1 Basic Exercises

RSA Authentication Manager 8.1 Planning Guide. Revision 1

RSA Authentication Manager 6.1 to 8.1 Migration Guide. Revision 1

Virtual Appliance Setup Guide

Virtual Appliance Installation Guide

Migrating to ESXi: How To

RSA Authentication Manager 8.1 Help Desk Administrator s Guide. Revision 1

RSA Authentication Manager 8.1 Help Desk Administrator s Guide

RSA Authentication Manager 8.1 Administrator s Guide. Revision 1

EMC Data Domain Management Center

VMware Identity Manager Administration

VMware Identity Manager Connector Installation and Configuration

Virtual Appliance Setup Guide

LifeSize Transit Virtual Appliance Installation Guide June 2011

VMware vsphere Examples and Scenarios

vsphere Upgrade Update 1 ESXi 6.0 vcenter Server 6.0 EN

OnCommand Performance Manager 1.1

PowerPanel Business Edition Installation Guide

GX-V. Quick Start Guide. VMware vsphere / vsphere Hypervisor. Before You Begin SUMMARY OF TASKS WORKSHEET

VMware Virtual Desktop Manager User Authentication Guide

Remote PC Guide Series - Volume 1

VMware vsphere Data Protection 6.1

Product Version 1.0 Document Version 1.0-B

Symantec Client Management Suite 8.0

Polycom CMA System to RealPresence Resource Manager System

HEAT DSM Release Overview. Andreas Fuchs Product Management November 16th, 2015

RSA Authentication Manager 8.1 Administrator s Guide

Virtual Appliance Setup Guide

Installing and Configuring vcenter Multi-Hypervisor Manager

Virtual Web Appliance Setup Guide

RSA SecurID Ready Implementation Guide

LOCKSS on LINUX. CentOS6 Installation Manual 08/22/2013

Rally Installation Guide

Dell UPS Local Node Manager USER'S GUIDE EXTENSION FOR MICROSOFT VIRTUAL ARCHITECTURES Dellups.com

vsphere Upgrade vsphere 6.0 EN

Kaseya IT Automation Framework

Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0. virtual network = wan0 mgmt1. network adapter not connected lan0

RSA Authentication Manager 7.1 Administrator s Guide

VMware vsphere 5.1 Advanced Administration

1 P a g e Delivering Self -Service Cloud application service using Oracle Enterprise Manager 12c

VMWARE PROTECTION USING VBA WITH NETWORKER 8.1

VMware vcenter Configuration Manager Administration Guide vcenter Configuration Manager 5.5

Installing the Operating System or Hypervisor

Common Services Platform Collector (CSPC) Self-Service - Getting Started Guide. November 2015

VMware vsphere 5.0 Boot Camp

How to Configure an Initial Installation of the VMware ESXi Hypervisor

Frequently Asked Questions (FAQ)

GX-V. Quick Start Guide. Microsoft Hyper-V Hypervisor. Before You Begin SUMMARY OF TASKS. Before You Begin WORKSHEET VIRTUAL GMS SERVER

Workspot, Inc. RSA SecurID Ready Implementation Guide. Partner Information. Last Modified: September 16, Product Information Partner Name

GMS. 1 Create the virtual machine 2 Configure the virtual machine 3 Configure the virtual GMS server. Quick Start Guide. Microsoft Hyper-V Hypervisor

OnCommand Performance Manager 2.0

WatchGuard Dimension v1.1 Update 1 Release Notes

VMware ESXi 3.5 update 2

INTRODUCTION APPLICATION DEPLOYMENT WITH ORACLE VIRTUAL ASSEMBLY

Altiris Server Management Suite 7.1 from Symantec

Virtual Managment Appliance Setup Guide

SolarWinds Log & Event Manager

INTRODUCTION TO CLOUD MANAGEMENT

Microsoft Windows Intune: Cloud-based solution

Extreme Control Center, NAC, and Purview Virtual Appliance Installation Guide

Uila SaaS Installation Guide

System Area Manager. Remote Management

Disaster Recovery with EonStor DS Series &VMware Site Recovery Manager

AirWatch Solution Overview

Zend Server Amazon AMI Quick Start Guide

Introducing ZENworks 11 SP4. Experience Added Value and Improved Capabilities. Article. Article Reprint. Endpoint Management

Propalms TSE Deployment Guide

PlateSpin Forge 4. Rebuilding Forge 4 Appliance 2. June 14, 2014

Tivoli Endpoint Manager for Remote Control Version 8 Release 2. User s Guide

Virtual Appliance for VMware Server. Getting Started Guide. Revision Warning and Disclaimer

How To - Deploy Cyberoam in Gateway Mode

OnCommand Unified Manager 6.2

MONITORING RED HAT GLUSTER SERVER DEPLOYMENTS With the Nagios IT infrastructure monitoring tool

How to Install the VMware ESXi Hypervisor on Physical Hardware

Streamlining BEA WebLogic Server Application Development. With VMware Infrastructure 3. With VMware Infrastructure 3

VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER

Manage Dell Hardware in a Virtual Environment Using OpenManage Integration for VMware vcenter

Virtual Client Solution: Desktop Virtualization

VMware vcenter Log Insight Security Guide

Quick Installation Guide. Overview. GULFSIP ATA-G1S Quick Installation Guide

Quick Start Guide for VMware and Windows 7

Using iscsi with BackupAssist. User Guide

Thinspace deskcloud. Quick Start Guide

RSA CUSTOMER EDUCATION CATALOG

Migrating to vcloud Automation Center 6.1

Virtual Server Installation Manual April 8, 2014 Version 1.8

Digital Marketplace - G-Cloud

Alliance Key Manager A Solution Brief for Technical Implementers

QuickStart Guide vcenter Server Heartbeat 5.5 Update 2

Abridged. for Security Domain Administrators. IT Services Iowa State University. Jan 2015

Transcription:

Migrating to RSA Authentication Manager Version 8.1 2014 EMC Corporation All Rights Reserved Rev. P3 1

Why Migrate to AM 8.1? Solid, quality release puts your authentication platform on excellent footing for the future RSA has spent many cycles ensuring the highest quality release Quality validated by thousands of customers who have migrated since March 2013 Compelling new authentication feature set Risk-Based Authentication (RBA) extends strong authentication to new audiences such as contractors, temporary workers, audit teams, customers Improved software token provisioning eases implementation Lowers cost User Dashboard Self Service Console Virtual or Hardware Appliance Many Administrative Improvements RSA Authentication Manager 8.1 Download Your AM 8.1 Trial License Today 2

Authentication Manager 8 Delivers Learn More http://www.scmagazine.com//rsa-tokens/review/4085/ Quotes from AM8 Beta Program We did 4.8 MILLION auths in 10 hours without a single failure. - Global Financial Institution The cleanest beta we have ever been involved with The AM8 testing has gone well and the product has functioned as advertised - Fortune 100 Customer SC Magazine Blind Product Review No opportunity to review results No support: Ship software and authenticators RSA stated Quick Set-up takes 20 minutes. Simple not true. Our entire setup was completed in 10 minutes. Version 8.0 offers multiple noticeable upgrades from version 7.0. Most noticeable is the new centralized dashboard and the way the tool works with VMware ESX & ESXi virtualization. - Large Healthcare Provider Congratulations on AM8: a DREAM COME TRUE - RSA Channel Partner, ANZ 3

AM 6.1 & AM 7.1 End of Primary Support AM v6.1 EOPS Dec 2014 No Extensions Migration Assessment Tool and Migration Training on SCOL AM v7.1 EOPS Dec 2014 No Extensions RSA SecurID Appliance 3.0 R200 and 2950 EOPS Dec 2014 R210 and R710 Based Appliances are Supported (These appliances can utilize same box upgrade to AM v8.1) 4

SecurID Software Authenticator 2.0 Blackberry 10 Aug 2013 Windows Phone Dec 2013 Android Dec 2013 ios Jun 2014 Key Features New user friendly UI with native OS look and feel Multi token support Simple QR Code token provisioning 5

AM Prime Suite Value Added Packaged Software Automates AM Operations AM Prime Component AM Integration Services (AMIS) Description Middleware facilitates & simplifies integration with AM Business logic-level REST-based web services Customer Fit Integration of custom-built web portal/tools Integration with 3 rd party Enterprise systems (AD, IVR, IDM, MDM, etc.) AM Prime Self- Service Portal (SSP) AM Prime Help Desk Admin Portal (HDAP) AM Bulk Admin (AMBA) End-user web portal expands token self-service functionality Provides tailored end user communications Simple, streamlined web-based administrative interface for day-to-day SecurID Help Desk tasks Standalone utility supports back office bulk AM operations Custom end user self-service Greater range of token provisioning and workflow Large number of Help Desk personnel Delegated administration scenarios Automation of AM admin tasks via scripted operations 6

AM Reporting Enhancement Archer Focused Solutions for AM 8.x Provides some of the most commonly requested AM reports Customers can create their own reports easily using the Archer interface Intuitive interface allows administrators to use multiple graphical formats Can be easily integrated directly with AM 8.x 7

Overview of AM v8.1 Architecture 8

System Components RSA Authentication Manager Instance AM v6.1 / AM v7.1 AM 8.1 Software: Windows / UNIX / Linux server Hardware Appliance Virtual Appliance ESX/ESXi vsphere Hardware Appliance Hardened Linux OS Web Tier AM v6.1 / AM v7.1 AM 8.1 ----- Self Service Console RBA CT-KIP (SW token provisioning) New in AM8 Agent Devices AM v6.1 / AM v7.1 AM v8.1 Current Agents function with both versions: Windows/UNIX/Linux/Web RSA Secured partner --- NG Agent Ready RSA SecurID Authenticators AM v6.1 / AM v7.1 AM v8.1 Hardware Authenticators Software Authenticators ODA (AM v7.1) ODA / RBA 9

Hardware Appliance Models Model 130 Single power supply, single disk Pre-configured bundles to support 10, 25, 50, 100, 150 or 250 users & Base license (1 Primary / 1 Replica) May be upgraded or ordered with different license Model 130 (Dell 210) can be upgraded to AM 8.1 Model 250 Designed for higher availability requirements Dual power supply, redundant disks, RAID 1 Can be ordered in a number of user/license configurations Model 250 (Dell 710) can be upgraded to AM 8.1 AM v8.1 allows mixing and matching of Primary and Replica hardware appliances and virtual appliances 10

Authentication Manager v8.1 Deployment Flexibility Primary Instance Replica Instance RSA Hardware Appliance Best Practice: Model 250 Virtual Machine Host or RSA Hardware Appliance Virtual Machine Host Virtual Machine Host or RSA Hardware Appliance 11

Authentication Manager Instances AM v6.1 / AM v7.1 RSA Hardware Appliance AM v8.1 Virtual Appliance* or RSA Authentication Manager Software RSA Hardware Appliance * Virtual Machine hosted on VMWare 12

Overview of the Migration Process 13

Definitions & Terms Upgrade: Refers to upgrading an existing hardware appliance to AM v8.1 appliance Version Name Model Type Upgrade AM v7.1 RSA Authentication Appliance (*) A130 200 No * Also termed RSA SecurID Appliance 3.0 or RSA AM 7.1 Appliance Migration: Refers to the process of moving either AM v6.1 data or AM v7.1 data directly to a AM v8.1 deployment Free Upgrade / Migration 1 : Refers to the ability to upgrade / migrate to AM v8.1 at no cost SCOL 1 : Refers to RSA SecurCare On-Line A130 210 Yes A250 700 No A250 710 Yes AM v6.1 RSA SecurID Appliance 2.0 ------- ------- No 1 REQUIRES active maintenance contract 14

Migration Migration is essentially a two phase process: Export the database information from a AM v6.1 or AM 7.1 installation Import the data into the AM v8.1 deployment 15

The amount of planning and preparation that you do impacts the ease or success of a migration and can make the process go very smoothly. 16

Upgrade Procedure Download AM v8.1 re-image files from SCOL and burn onto DVD Attach a monitor and keyboard to the Appliance Insert AM v8.1 Re-imaging DVD in the CD/DVD drive Press ALT+CTRL+DEL select Shutdown > Restart At the end of POST boot, appliance automatically ejects DVD. Close CD/DVD tray to complete reimage. System pauses for sixty seconds and resumes the imaging process. At the end of the reimaging process, appliance ejects the DVD & restarts After completion, the appliance has been upgrade to AM v8.1 Connect Appliance via a remote PC & browser Complete the Quick Setup Process 17

Migration Practices & Considerations Upgrade of an AM v7.1 Primary appliance to AM v8.1, the disk is overwritten; Reverting back to AM 7.1 may be difficult Upgrade an AM v7.1 Replica appliance to AM v8.1 Primary Maintains AM v7.1 Primary for fallback After migration to a AM v8.1 Primary is verified as successful, additional appliances can be re-imaged for use as Replicas Utilize Appliance Model 250 or Virtual Appliance as Primary Instance Higher availability through hardware redundancy or via VMWare tools For Model 250 (Primary) and Model 130 s (Replicas) deployments, an additional step is required to promote a Model 130 Replica to Primary in the production AM 7.1 deployment in order to use a Model 250 as the AM v8.1 Primary 18

AM v7.1 - General Preparations Determine if authentication services are required during the migration process Prepare AM v7.1 data by cleaning or re-structuring as needed See RSA Authentication Manager AM v7.1 to AM v8.1 Data Migration courses Determine hardware appliance Upgrade Strategy (if applicable) Install and perform Quick Setup on the new AM v8.1 appliance Perform data export from AM v7.1 and perform a test migration Make any corrections/changes or resolve conflicts and dump the data again, if needed. Migration does not affect the content of the AM v7.1 database Perform as many data exports or refresh migrations as necessary 19

AM 6.1 - General Preparations Determine if authentication services are required during migration Prepare AM v6.1 data by cleaning or re-structuring as needed See RSA Authentication Manager AM v6.1 to AM v8.0 Data Migration courses Utilize AM v6.1 Data Migration Assessment Utility Physically install and perform Quick Setup on AM v8.1 appliance Perform a data dump from AM v6.1 and perform a test migration Make any corrections/changes or resolve conflicts and dump the data again, if needed 20

Maintaining Authentication Services If maintaining authentication capability is important during migration, consider what resources are needed (for example, AM v6.1 or AM 7.1 Replica server or servers) Remember that Replica servers are read-only: No administration is possible while Primary is off line During migration, Replicas process authentication transactions and each Replica database can be migrated separately after AM v8.1 Primary goes on line Plan for contingencies if upgrading a AM 7.1 RSA SecurID Appliance 21

Pre-Migration Planning Planning AM v8.1 architecture and deployment is helpful prior to migration An architecture plan allows you to decide what equipment is needed and how it will be utilized Physical vs. Virtual / Primary vs. Replica Web Tier (New in AM 8.1) Self Service Console Risk Base Authentication SW Token Provisioning via CT-KIP Server Create deployment strategy for the overall deployment allows you to define how the administrative structure will be created helping to decide what changes can more easily be made prior to migration Goal is to reduce or eliminate authentication down time and maximize features & functions of AM 8 22

Pre-Migration Planning (cont d) Understand AMv8.1 Administrative Operations AMv6.1 and AMv8.1 have very different GUI and functionality You do not want a situation where data is migrated but you are still learning how to organize it All key administrators should have basic understanding of AMv8 Decide on a roll-back or continuity plan if migration has problems Make sure adequate backups exist 23

AM v6.1 Migration Assessment Tool Available on RSA SecurCare Online TCL script performs database analysis and identifies areas for attention Example output: Red, Yellow, Green color key to severity Links to CSV files containing specific data 24

Migration Steps 25

Install AM v8.1 Appliance Determine secure location with networking and adequate power Connect appliance power and LAN Run Quick Setup to set initial configuration Time/Date Initial administrator accounts Use Authentication Agent to test and verify operation More information regarding installation and deployment of v8.1 appliance can be found in the RSA Authentication Manager 8.1 Setup and Configuration Guide 26

Hostname/IP Configuration Configure local PC for a temporary IP address in the same subnet as Appliance Appliance initial address is 192.168.100.100 Set local PC to IP of 192.168.100.101 27

Appliance Configuration Browse to https://192.168.100.100 to run Quick Setup 28

Quick Setup Prompts for: License Requires license upgrade (avail through SCOL Date/Time confirmation or NTP server, if used OS password Super Admin username/password Operations Console username/password Network configuration (hostname, IP, subnet, gateway, DNS) 29

Migration Process Flow AM v6.1 or AM v7.1 Primary v AM v6.1 or AM v7.1 Replica w x Data exported from Primary Primary is taken off line Replica server handles auth requests AM v6.1 dump file or AM v7.1 export Data moved to v8.1 Primary & imported y u AM v8.1 Primary deployed with temporary hostname/ip z AM v8.1 Primary AM v8.1 Primary re-configured with AM v 6.1 Primary hostname/ip & starts taking auth requests 30

Migration Assistance 31

Resources RSA Authentication Manager 8.1 Documentation Help information RSA Authentication Manager 6.1 to 8.1 Migration Guide RSA Authentication Manager Setup and Configuration Guide RSA Authentication Manager Administrator s Guide RSA Authentication Manager Planning Guide Release Notes RSA Authentication Manager 32

Online and Technical Support RSA SecurCare Online Technical Support Migration Preparation Guide & Migration Assessment Tool 6.1 to 8.1 Migration Preparation Guide 33

RSA Education Services RSA offers a number of instructor-led and elearning courses RSA product training Information Security Awareness for employees Advanced Cyber Defense Visit the RSA Security Training and Certification web site and access our course listings and catalog: www.emc.com/rsa-training 34

RSA Professional Services RSA s Professional Service organization offers consulting services to assist with: Architecture design Migration management Fixed-price engagement packages Custom-quoted solutions Packaged application tools User administration Integration Services www.emc.com/services/rsa-services/professional-services.htm 35

Q & A 36

THANK YOU 37

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information