Presentation is loading. Please wait.

Presentation is loading. Please wait.

Integrating RSA SecurID into the Check Point Secure Virtual Network

Published byDarcy Ray Modified over 7 years ago

Similar presentations

Presentation on theme: "Integrating RSA SecurID into the Check Point Secure Virtual Network"— Presentation transcript:

1 Integrating RSA SecurID into the Check Point Secure Virtual Network
Why re-inventing the wheel?: Integrating RSA SecurID into the Check Point Secure Virtual Network Yasushi Kono (ComputerLinks Germany)

2 Why SecurID Authentication?
It is a two-factor authentication solution. More secure because authentication is consisting of two components: (look at the next slide)

3 A PIN (can be alphanumeric, and can be up to 8 digits)
A Token Code, which is a series of pseudo random numbers. This code will be generated by the RSA SecurID Tokens.

4 Example for some Tokens:
SD200 SD520 SD600 SID700 SID800

5 Characteristics of some tokens:
Supports numeric PINs (4 to 8 digits) Passcode consists of the PIN followed by the token code SD200 SID800 SD600 SID700

6 Supports only numerical PINs
The passcode will be generated by typing the PIN with the keypad SD520

7 The Architecture of RSA SecurID

8 If you want to integrate the RSA SecurID solution into your Check Point infrastructure…
Your Check Point Security Gateway is „SecurID Ready“ and acts as an RSA Authentication Agent. No need to install any Agent software on your Check Point Firewall device!

9 The only thing you have to do on your Check Point Gateway (besides configuring and installing a policy): Create a subdirectory called „ace“ beneath the /var directory. Copy the file $ACE/data/sdconf.rec into the /var/ace directory of your Security Gateway.

10 Use SmartDashboard to create a user and specify SecurID as Authentication Scheme:

11 Make sure that SecurID is activated as Authentication Scheme in the Gateway object:

12 Finally, you have to create a policy, which can be one of the following:
User Authentication Client Authentication Session Authentication RemoteAccess VPN Rule

13 But, sometimes, life is not that easy!
You have to create the file sdopts.rec within the /var/ace directory of your Security Gateway.

14 The syntax of the sdconf.rec file is just:
CLIENT_IP= This modification is necessary about 60% of RSA SecurID configuration out there!

15 I will demonstrate now, how to integrate the RSA SecurID Authentication with Check Point VPN-1 Power:

16 DISCLAIMER: As you might already know… I am not responsible for unsuccessfull attempts of integrating SecurID into your environment!

17 Thank you for attending this presentation!

Download ppt "Integrating RSA SecurID into the Check Point Secure Virtual Network"

Similar presentations

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Call Center Call Center on a Stick Ceedo for Call Center Presentation.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Call Center Call Center on a Stick Ceedo for Call Center Presentation.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Citrix Optimal User Experience & Maximum IT Control Ceedo for Call.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Citrix Optimal User Experience & Maximum IT Control Ceedo for Call.
Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.

Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.

Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, 2009 05/30/2009.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
IT:Network:Applications VIRTUAL DESKTOP INFRASTRUCTURE.

IT:Network:Applications VIRTUAL DESKTOP INFRASTRUCTURE.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
RSA SecurID November 10, 2005.

RSA SecurID November 10, 2005.
CACI Remote Access CACI has a range of remote access tools for offsite employees who need to connect to resources inside the CACI private network. 2012.01.09.

CACI Remote Access CACI has a range of remote access tools for offsite employees who need to connect to resources inside the CACI private network
RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.
Authenticating Users Chapter 6. Learning Objectives Understand why authentication is a critical aspect of network security Describe why firewalls authenticate.

Authenticating Users Chapter 6. Learning Objectives Understand why authentication is a critical aspect of network security Describe why firewalls authenticate.
Implementing Network Access Protection

Implementing Network Access Protection
Integrating LDAP into Check Point Secure Virtual Network Yasushi Kono (ComputerLinks Germany)

Integrating LDAP into Check Point Secure Virtual Network Yasushi Kono (ComputerLinks Germany)
Security Infrastructure Overview - VPN Suresh Ramasamy.

Security Infrastructure Overview - VPN Suresh Ramasamy.
Module 8: Configuring Network Access Protection

Module 8: Configuring Network Access Protection
Lieberman Software Random Password Manager & Two-Factor Authentication.

Lieberman Software Random Password Manager & Two-Factor Authentication.

Similar presentations

Ads by Google