Security server and SecurID..

rwhittaker · ‎04-13-2010

Greetings:

I have a view 4.0 environment setup, and my ideal would be this:

Internal connections to View do not require SecurID credentials to start.

External connections to View DO require SecurID credentials to start. I thought, mistakenly that setting up Security Server would let me do this. Is this design possible?.. I still want all pools on the backend to be the same and available to their entitled users.

Thanks,

Richard.

mpryor · ‎04-14-2010

SecurID is set up on a per-connection server basis. Set up two connection servers (one as a replica), then configure SecurID on only one. Point users that need to use SecurID to your securID CS, and the rest to the other. If you're using a security server in order to expose View externally, make sure to pair it with the connection server that's configured for SecurID so that all external users will have to go through SecurID authentication.

Mike

rwhittaker · ‎04-14-2010

SecurID is set up on a per-connection server basis.

Excellent! Thanks for the info... I will get this setup..

Regards,

Richard.

--

Richard Whittaker, CISSP

Config Manager, Hardware and O/S

NorthwesTel Inc.

(867) 393-7756

rwhittaker · ‎04-14-2010

Followup to this:

Is it possible to setup SSL on a per connection server basis?... I'd like our internal one to be non-SSL, and our external one (for obvious reasons) to be SSL...

Thanks,

Richard.

mpryor · ‎04-14-2010

I think the use-SSL option is global rather than per-server in the admin UI. It should be configurable manually in ADAM but a simpler way would be to simply turn off SSL on the global level (i.e. for all connection servers), in that case the security server will still be configured to use https and all the connection servers will be http. Since all external users will go through the security server you'll still get SSL.

All

Security server and SecurID..