Looking to see if anyone has successfully implemen...

Chuck_ · ‎02-20-2009

There are 2 options
1 Put a RADIUS server between RSA and firewall, define groups in the radius server and provide that group information to the FW.

2 See if there is a way to define this group information in RSA SecureID and only authenticate users if they belong to a certain group.

Chuck_ · ‎02-20-2009

But Juniper documentation also says that user groups will not work with SecureID tokens so basically it appears option 1 is what we need to implement

I know Juniper sells and wants us to implement their UAC authentication, but we are heavily invested in RSA technology, and the tokens do work properly with our current Symantec firewalls that need to be replaced

aronow_ · ‎02-24-2009

Chuck,

SecureID works fine with UAC. The FW would then not authenticate you to the Radius server, but the IC would authenticate you to the RSA box. You could then either use the UAC agent on your workstations or use agentless access through a web browser. Then we can do either SourceIP to the FW or do individual VPN's from the endpoints to the FW. Also, uac integrates with 802.1x capable switches for even more security.

Looking to see if anyone has successfully implemented SecureID tokens with Juniper firewalls

Looking to see if anyone has successfully implemented SecureID tokens with Juniper firewalls

Re: Looking to see if anyone has successfully implemented SecureID tokens with Juniper firewalls

Re: Looking to see if anyone has successfully implemented SecureID tokens with Juniper firewalls