Michael Morse <[EMAIL PROTECTED]> queried the Listocracy:
>> Anybody have a terminal server authenticating with SecurID?
Bennett Todd <[EMAIL PROTECTED]> responded with his customary helpfulness:
>Two jobs ago, we did. It was a Cisco 2511, and as I recall it was setup to use
>TACACS for auth, and we had software on a Sun from Security Dynamics to
>do TACACS protocol for SecurID. <snip>
Bennett probably had a choice of either TACACS+ or RADIUS with a
Cisco 2511 -- just as he would have had with any other Cisco NAS (2509,
3620, 3640, AS5200) or a PIX.
The ACE/Server, as shipped, includes both AAA servers.
I could run through your options for ACE/SecurID-compatable
communication servers, but there are a lot of them. RSAS, formerly Security
Dynamics, has been collecting partners in this niche for a decade -- even
longer than I've been a consultant to the company;-)
Instead, I recommend you check out the RSAS website. It has a long
list of ACE/SecurID partners, broken by market segments, and a really useful
library of implementation guides online. For your particular concerns, look at:
<http://www.rsasecurity.com/support/guides/remote.html> and
<http://www.rsasecurity.com/support/guides/radius.html>.
The implementation guides are written by the RSAS field engineers
and they do a pretty good job.
Surete,
_Vin
+
"Cryptography is like literacy in the Dark Ages. Infinitely potent, for
good and ill... yet basically an intellectual construct, an idea, which
by its nature will resist efforts to restrict it to bureaucrats and others
who deem only themselves worthy of such Privilege."
_A Thinking Man's Creed for Crypto _vbm
* Vin McLellan + The Privacy Guild + <[EMAIL PROTECTED]> *
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
