Transcription
Your Trusted Security PartnerRSA SECURID HEALTHCHECK2MN LTDwww.2mn.co.ukTelephone: 44(0)8709192892The SecurID Healthheck is designed for IT Securityprofessionals who implement and maintain RSASecurID solution to help increase operationalefficiency, maximize system uptime, and reduce costs.Email: info@2mn.co.uk1
Your Trusted Security PartnerY, N,NAF, OCommentsSERVER I STALL/CO FIG REVIEWPRIMARY SERVER I STALL/CO FIG3Does the Hardware comply with the InstallRequirement?Is the server a single IP or Multi-interfacesserver?Has a FQDN been assigned to the server?4Has the Server been installed successfully5Has the server been configured with its FQDNor short name (hostname)?FQDN recommendedAre all required services present and running?1267Is the back-end database recordingactivities and creating server log?8Is the server Log Monitoring andAuditing recording any activities?Is Server running in production ordebug mode? Are logs rotatingdaily?Is the server clock in synch with the systemclock?Is the server’ side authentication working?(Remote mode test or sdtest)?Is there an Admin User Account with a tokenor static password assigned?Is the server an agent host itself with a nodesecret set?Is the server configured as a Radius client*with a shared secret and Radius ports set?Is the server in a DMZ or a Domain member?910111213141516Is there any scanning or monitoring toolinstalled? If yes, is it excluding the RSAdirectory during its scan?2
Your Trusted Security PartnerREPLICA SERVER I STALL/CO FIG1718Is Replica Server getting updates from Primary(example, is a new user creation replicated)?Can users authenticate on Primary and Replica(Failover testing)?LDAP USERS SY CHRO ISATIO 1920For LDAP Synch, are users being added orupdated from the remote LDAP?Are LDAP Synch updates showing in the LogMonitor?PRIMARY RADIUS SERVER2122232425Radius, Is the Radius Management consoleaccessible?Is the Replica Server added as a SecondaryRadius?Is Radius Replication up-to-date from theRadius Management?Are Radius Clients also present as Agent hostin the SecurID server?Is Radius Test from NTRadping working fromthe RSA server and radius client computer?CLIE T I STALL/CO FIG REVIEW12Is the client defined as an agent host in theserver?Is the client defined with its FQDN?3Can the client resolve the serverFQDN (forward/reverse)?4Has the client config file been createdand available in the default location/system32/ for windowsor /var/ace for UNIX/LinuxIs the client a multi-home workstation?567Has a secondary node entry been addedfor that multi-home client?Is the client a DHCP or static IP client?For DHCP client, was the auto-registration toolinstalled on the client?Is the RSA server configured to allow autoregistration?3
Your Trusted Security Partner78910Are the agent registry keys set properlyHKLM/RSA/STDI/?Does the client display the server’s status asactive?Can the client authenticate against the Primaryand Replica server?Does the Server Log Monitor show the agentactivity?RADIUS CLIE T1112131415Radius Agent (VPN concentrator) defined asRadius client and RSA agent?Is the Concentrator an RSA securID “ready”device?Is the concentrator configured to forwardauthentication request to the RSA Radius?Is basic authentication from the concentratorworking without RSA integration?Are Radius profiles being forwarded alongwith the user credentials?U IX AGE T16171819Did the PAM agent install ok?(correct PAM version for UNIX/Linux version)IS PAM /bin/acetatus displaying the serverstatus as active?Is PAM authentication working (/bin/acetest)?Are all securID required agent files presentwith the correct permission?/var/ace755 sdconf.rec755 nodesecret755 sdstatus.12RSA AGE T API20Does the rsa api.properties point to thedefault config files location?SDCONF LOC /var/ace/sdconf.recSDSTATUS LOC /var/ace/sdstatus.1SDOPTS LOC /var/ace/sdopts.recSDNDSCRT LOC /var/ace/securid4
Your Trusted Security PartnerBACKUP A D RESTOREIs there a backup strategy in place?1How often is the server backup?Are the backup data, the system files and2license file stored in a safe place?sddump, server.cer, server.key, license.rec3Can the system be restored to an operationalmode using the recent backup data?Y Yes, N No, NA Not Applicable, F Finding, O Observation5
Your Trusted Security PartnerDate(s) of Assessment:Project:Assessor(s):Review Examined:COMME TS PAGE#ofComments and Recommendations from assessment6
RSA SECURID HEA LTHCHECK 2MN LTD www.2mn.co.uk Telephone: 44(0)8709192892 Email: info@2mn.co.uk The SecurID Health heck is designed for IT Security professionals who implement and maintain RSA SecurID solution to help increase operational . 12 Is there an Admin User Account with a token or static password assigned? 13 Is the server an agent .
