RSA Authentication Manager
Strengths: Scalable, made for large environments, integration with many applications.
Weaknesses: None found.
Verdict: It’s clear why this is one of the most popular dual-factor authentication products. Recommended.
The RSA Authentication Manager is a dual-factor authentication system designed from the ground up for enterprise deployment. It is one of the most widely deployed systems out there and is available in many different configurations to fit the needs of any business. In the backend, RSA Authentication manager can run as a VM or preconfigured hardware appliance. RSA has preconfigured VMs available for Hyper-V and VMware virtualization platforms. End-users can then select from a credit card-sized token, the traditional dongle token, the more advanced USB dongle token, the software token or the mobile device authenticator. Mobile device authenticator apps are available for iOS, Windows Phone, Android and BlackBerry. For larger organizations, individual RSA Authentication Manager Instances can be set up in a pool for load balancing capabilities. Also available is a self-service component, where users can reset their PINs or create requests for new tokens.
We received RSA Authentication Manager as a preconfigured virtual appliance for VMware. In addition to the software kit, we received 25 SecurID dongles, 25 SecurID 800 dongles and 25 software token licenses. After we removed everything from the box, we logged into our VMware ESX server and inserted the provided CD containing the VM. In VMware, we opened the CD and discovered an OVA file with the VM in it. After opening the OVA, we accepted the license agreement and VMware did the rest. After it was done copying files, we powered on the VM to complete the VM equivalent of hardware setup. After booting, the Authentication Manager VM automatically started a Linux shell script which ran us through the network configuration. Here, we set up our network settings by following the wizard. Once the network settings were configured, the VM then continued starting up and eventually stopped at a screen which provided us with a quick setup code and prompted us to complete configuration in our web browser. We went to the webpage to upload our license, set the passwords for various accounts and set up the time. Overall, setup was very easy and, for the most part, entirely automated.
Once we were done with the initial setup of the device, we logged into the administration page for RSA Authentication Manager. After logging in, we were greeted by a well-designed web page which covered all aspects of administering the system. We were pleased with the speed of the system. Throughout testing, the web interface was extremely fast with barely any loading time at all. We set up a few test users and began token setup. Along with the tokens, we also received a CD containing the files required to import the tokens. Using the wizard-based system, we directed Authentication Manager to the file on the CD that corresponded to our tokens. RSA uses these files to synchronize the tokens to the server. One of the features we like about this product is its risk-based authentication capability. This is useful for organizations where it is not feasible to assign a token to contractors or other short-term employees. Users log in normally, but if the risk-based authentication algorithm detects that something may be abnormal, users will be prompted to answer security questions. We were also impressed with the number of applications that can be integrated into Authentication Manager.
As well as all of the items submitted for review, RSA also included a CD containing documentation for the various components of the system. In addition to that, the tokens included a paper quick-start guide detailing their setup. The documentation was detailed but easy to follow.
RSA offers support based on the number of licensed users. Support pricing varies based on the exact number of users, but costs between $3 and $5 per user per year. RSA only offers one support option, but this includes 24/7 telephone, email and chat assistance. Customers also get access to the RSA support website, which includes online ticket management and a knowledge base.RSA Authentication Manager is more expensive that other alternatives, but it also comes with several features not found anywhere else. RSA is built from the ground up to be used in an enterprise environment and it is clear when using the tool. Its scalability means that users can set up only on Authentication Manager in smaller environments and then add more as load increases or the business grows. This combined with its tight integration with popular business applications makes it a great choice for organizations of all sizes. Our pick for Recommended.