Before you begin
To enable and use RSA SecurID two-factor authentication, first use RSA Authentication Manager to create a custom agent for the Forcepoint Security Manager. This agent is used to communicate with
the RSA Authentication Manager server when you test the connection on the page , and during the logon process.
To create a custom agent:
Steps
- In RSA Authentication Manager, add an Agent Host with the following minimum settings:
| Name |
Hostname of the Forcepoint management server. Must resolve to a valid IP address on the local network.
|
| Network Address |
IP address of the Forcepoint management server. |
| Agent Type |
Select Standard Agent. |
| Encryption Type |
Select DES. |
-
Click Generate Configuration Files.
-
Copy the RSA Authentication Manager configuration file (sdconf.rec) to the following directory on the Forcepoint management server:
C:\Program Files (x86)\Websense\EIP\tomcat\wbsnData\ rsaSecurID\
Note: By default, the sdconf.rec file is located in the ACE\Data folder on the RSA Authentication Manager server.
-
If a node secret file (securid) exists, copy this file to the above directory as well.
-
Make sure no administrators are logged on to the Forcepoint Security Manager.
-
On the Forcepoint management server, open the Windows Services tool.
-
Right-click the service Websense TRITON Unified Security Center and select Restart.