45 The setup was straightforward but sometimes it required a re-syncing of tokens. Valuable Features:It's used for basic two-factor authentication.Improvements to My Organization:It improved security.Room for Improvement:The software tokens are a huge improvement over hardware tokens but it could be cheaper.Use of Solution:I've used it for over 10 years.Deployment Issues:It's difficult to distribute to remote end-users, and two-factor authentication is difficult for some users to grasp. Our initial deployment was hampered by a flawed management approach and lack of knowledge.Stability Issues:No issues encountered.Scalability Issues:No issues encountered.Customer Service:Customer service was rarely used.Technical Support:Technical support was rarely used.Previous Solutions:There was no previous solution used.Initial Setup:It was straightforward.Implementation Team:It was implemented in-house which was a huge mistake on our part.ROI:We've not calculated this as we were mainly concerned with security.Cost and Licensing Advice:It was expensive initially, but day to day costs are minimal.Other Solutions Considered:No other options were evaluated.Other Advice:Get a vendor team or consultant to assist implementation.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
55 The setup admin guide is spot on but the installation could be more flexible. Valuable Features:It allows users to authenticate using two-factor authentication, which is becoming more and more of a regulatory requirement.Improvements to My Organization:It has streamlined the process of authentication, which has resulted allows for less calls to our Service Desk/SOC for password resets.Room for Improvement:It could be a little more flexible with the installation of the product. Only virtual Linux environements for hardware appliances are allowed for a deployment.Use of Solution:I have been using this version for over a year.Deployment Issues:There was a minor issue with getting the replica to attach. We worked through the issue and it's now functioning.Stability Issues:Never - one thing I can say about RSA is that the boxes are stable and solid. With an attached replica, it also allows for peace of mind.Scalability Issues:Our license allows for one primary instance and 15 replica's, so the answer is no. It's scalable and works very well at doing this.Customer Service:I have never had an issue with RSA's customer service, they're an easy 4/5.Technical Support:Very good. Everyone I have spoken to when a ticket needs opening, has been excellent at guiding me towards a resolution and does solid work with the knowledge transfer.Previous Solutions:Yes - we have been using since version 6.1 and the switch was made due to RSA calling EOL on all versions previous to 8.1.Initial Setup:Very straightforward as the setup admin guide is spot on and one of the best I have ever used/encountered.Implementation Team:I am RSA Certified so I handle all implementations of RSA in-house.ROI:The real ROI will happen when we implement the on-demand token code portion within the next year.Cost and Licensing Advice:The cost initially, if using hardware appliances will run around $10,000. That's with a base license (primary/replica), and also includes the cost of about 50 tokens.Other Solutions Considered:No other options were evaluated.Other Advice:If possible, hire someone to manage the installation that has a solid concept of what they're doing. Be sure to have them meet with all the teams that will need to authenticate so that all the proper connections are made from the implementation of the product.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
35 Application and appliance stability needs improvement. Valuable Features:Random token generation.Improvements to My Organization:Soft and hard tokens for two factor authentication has been introduced.Room for Improvement:Application and appliance stability needs improvement.Use of Solution:I've used it for three years.Scalability Issues:There were some scalability issues.Customer Service:6/10.Technical Support:6/10.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
45 Synchronization with AD to import all your users is very easy but self-provisioning implementation isn't great. Valuable Features:Synchronization with Active Directory to import all your users makes getting started with the product very easy. In conjunction with software based tokens and some end user training, you can be up and running with a fresh deployment in a matter of days.Improvements to My Organization:Primarily deployed as an authentication mechanism for remote access VPN users, it allows a more secure method of connecting to the network. This is especially a must have when dealing with any regulatory compliance initiatives.Room for Improvement:When the 7.x release of Authentication Manager came out, the administrative interface and user interface (for self-provision) relied on the same TCP port even though the URLs were slightly different. We did not want the same port which administrators used open to the public internally, we saw that as a security concern in the fundamental way this system operated. We were excited that the self-provision feature was now built into the box but disappointed at the implementation. We hadn’t planned on standing up a separate web server in the DMZ for the purpose of brokering the self-provision process since 99% of our users were onsite, meaning they could get their tokens prior to leaving the office. When I questioned RSA about this matter, their response was to utilize a Web Application Firewall to block access to the specific administrative URL. We thought this was a bit too involved especially now that we’d need to implement a WAF, so we changed the policy and discontinued the self-provisioning option for users. While consulting on the product, I don’t come across a lot of companies using this feature so it’s not a deal breaker for most, but it’s certainly a nice to have if you would like to offload some of the administrative overhead as the self-provision feature also allows users to reset their PIN and perform some maintenance tasks.Use of Solution:I started using this solution while working at IBM Internet Security Systems in 2007 managing client environments. Since then I’ve consulted on the product performing routine maintenance, upgrades, migrations, and administration. This has involved using RSA Authentication Manager 6.x/7.x, RSA SecurID hardware/software authenticators (tokens).Deployment Issues:Deployment is very straightforward if this is a first time install. We did go through several migrations which required some database changes and specific requirements depending on the environment and usage. I highly recommend opening a case with RSA to inform them of your migration so they can assist with any planning and inform you of any potential issues that may arise during the migration.Stability Issues:We typically deployed hardware appliances which are purpose built, so I haven’t come across any stability issues yet. I could imagine that if you under spec a virtualized environment that you could run into some performance issues.Scalability Issues:The product scales very well. With a limited license you can add an additional replica, or backup appliance, for redundancy. Depending on the licensing you purchase, you could add up to 15 replicas. We typically see anywhere from 1 to 8 replicas depending on customer requirements and their geographic locations.Customer Service:I typically dealt with the regional account manager from RSA, so customer service was always exceptional. If we needed to call the regular customer support number for administrative tasks on the account, they were always helpful and resolved our cases within a few days.Technical Support:I also highly recommend purchasing an upgraded technical support package. Our dealings with technical support have always been great due to the fact that we can bypass the typical tier 1 level and get straight to the teams who have the deeper level of expertise. In certain cases, such as dealing with complex migrations, I always dealt with the same person who was very well versed in the products and could tell exactly what was going on without having to “get back to me” or “check with their peers on this one”.Initial Setup:Included with the hardware appliances are straightforward setup instructions for racking, powering on, and initially setting them up. RSA also provides plenty of in-depth documentation, administrative guides, and knowledgebase articles right on their support website. If the information I needed wasn’t in the admin docs, I found 90% of the answers in the knowledgebase.Implementation Team:I’ve implemented the technology myself as a customer and vendor. As a customer, it was easy enough to follow the standard administrative documents to get up and running. As a consultant (vendor), having had the prior experience made it easy to provide product demonstrations and answer questions.Other Solutions Considered:Typically RSA was the incumbent and most of the time the decision was made to just stay with their products due to the initial investment. I have looked into other products and the one which came closest was Vasco’s IDENTIKEY line. Vasco had a more intuitive workflow upon the initial setup and overall administration. There was a lot less digging around in admin docs and knowledgebase articles to find answers because the layout seemed a bit more straightforward.Other Advice:Reach out to a Value Added Reseller (VAR) with plenty of experience who can match your requirements with the best solution. If RSA ends up being your selection, I would recommend subscribing to a premium support option because not only will you get a faster response from them, the quality of support is much greater.Disclaimer: I am a real user, and this review is based on my own experience and opinions.