RSA Delivers Business Continuity And Expanded Deployment Options In Next Generation Authentication Platform

BEDFORD, Mass - April 08, 2008 -

RSA, The Security Division of EMC (NYSE: EMC), today announced the next generation of RSA® Authentication Manager, the software management platform and the power behind the flagship RSA SecurID® solution.

Building on its industry-leading reputation and including extensive additions to its features and functionality, the new RSA Authentication Manager version 7.1 continues to meet the evolving Identity Assurance needs of customers by providing business continuity options—in the event that a large number of users unexpectedly have to work offsite—along with extended authentication choices and enhanced operational efficiencies.

RSA Authentication Manager, which powers the authentication of more than 25 million RSA SecurID users worldwide, is the de facto standard in strong authentication, helping to minimize risk associated with identity impersonation and inappropriate account use while allowing trusted identities to freely and securely interact with corporate systems.

"Rapidly-evolving business models demand flexible and robust solutions that can deal seamlessly with complex risk scenarios while concurrently reducing deployment costs and enhancing productivity," said Chris Christiansen, VP of Security Products & Services at IDC. "RSA is advancing its flagship authentication solution to meet these challenges. It is adding streamlined and centralized credential administration and more dynamic choice to allow businesses to meet a range of needs and contingencies."

"This is a significant step forward and a key piece in the end-to-end Identity Assurance solutions that customers can expect from RSA. Security threats are evolving more rapidly than ever before—and so therefore is the need for a more flexible and intuitive authentication system," said Christopher Young, Vice President and General Manager, Identity and Access Assurance Group, RSA. "The new enhancements in RSA Authentication Manager 7.1—along with the rest of RSA's Information Risk Management portfolio—provide the core components for customers to form a solid and scalable security infrastructure, now and in the future."

The new functionality in RSA Authentication Manager 7.1 is engineered to provide customers with powerful and seamless user authentication experiences, which are not only secure, but which also allow support for new business models. RSA has designed RSA Authentication Manager 7.1 to expand and enhance the provisioning of secure access for employees, customers, and partners—aking it easier than ever for partners and customers to strike the perfect balance between risk, cost and convenience. New offerings include:

Business Continuity

The new business continuity offering in RSA Authentication Manager 7.1 is built to allow RSA customers to temporarily expand a server license for a period of time, to meet an influx of a large number of remote access users. This expansion could occur during a business disruption or emergency, when many employees may have to work from remote locations for an indeterminate length of time. A Self Service module facilitates around-the-clock 'on the fly' deployments, so that users can register, request and receive credentials without overwhelming the IT help desk. The business continuity feature complements what many VPN vendors offer, a cost-effective "bursty access" method which gives the customer the ability to accommodate large numbers of additional users quickly and without requiring a permanent license.

Extended Authentication Methods

The solution also introduces support for new authentication methods to allow flexible deployment and lower management costs. New methods are engineered to include:

• On-demand Authenticator — delivers token codes via short service message (SMS) or email and requires no physical token to be assigned, or software to be installed.
• Dynamic Seed Provisioning — using RSA's proprietary Cryptographic token key initiation protocol (CT-KIP) to enable the more rapid deployment and set-up of software tokens, this allows the seeding and commissioning of a software token without sending the seed file over the network.
• Built-in Management Support for Global Messaging Vendor Clickatell — a built-in interface to use with Clickatell, a worldwide mobile messaging company, to help administrators securely assure global SMS delivery of large numbers of on-demand authentications.

Enhanced Operational Efficiencies

RSA Authentication Manager 7.1 also is designed to include a set of capabilities, features and applications to make the solution easier to administrate, to lower the total cost of ownership, and to facilitate the leverage of existing IT resources. New operational features are engineered to include:

• Broad Integration into the IT Environment
  • Native LDAP Support — RSA Authentication Manager 7.1 supports true native LDAP for connection to Microsoft® Active Directory® directory service and Sun™ ONE databases.
  • Microsoft Management Console Support — A Microsoft Management Console snap-in is supported so that IT administrators can manage basic token lifecycle issues utilizing this application.
• Web-Based Management — A browser-based graphical user interface, along with re-optimized menus, gives administrators the capability to centrally manage the full scope of functions, all from a single login.
• Delegated Administration — which enables a 'super-administrator' to set up lower-level administrators to manage policies, users, groups, tokens and agents.
• RSA® Credential Manager — This offers workflow provisioning and an end-user self-service console which provides a mechanism for new and existing users to manage all aspects of their token lifecycle. For example, a user can report a lost token, gain emergency access, reset a PIN, request an On-demand Authenticator, update a profile and more.

"RSA has long been committed to delivering the most comprehensive flexibility and choice in two-factor authentication and authorization for our mutual customers, and this solution—along with its relentless focus on ease-of-management—takes our opportunity to the next level," said Preston Hogue at NCA. "Regardless of the size of the organization, it is critical that businesses are able to set policy on who has access to what information, what types of credentials they have and how to manage the lifecycle of those credentials. This provides a foundation for determining the source of the individual being authorized, the classification of the assets they are accessing and lastly the level of credentials required, based on the value of that asset. With RSA solutions, we are finally approaching an authentication and authorization platform that takes into account the assets being protected. The mechanisms and choice of authentication and authorization from RSA provide the market with efficient and cost-effective ways to assure identities—and to have the necessary confidence in who is accessing corporate resources."

Availability

RSA Authentication Manager 7.1 will be available worldwide in Q2 2008; any current RSA SecurCare® customers licensing a prior version of RSA Authentication Manager are eligible to upgrade to an RSA Authentication Manager 7.1 license.

More information on RSA's announcements and related initiatives may be found online at www.rsa.com/rsaconference2008/. In addition, RSA's information risk management solutions, services and partners will be featured in Booths #1717 and 1817 at RSA Conference 2008, April 7-11, 2008, at the Moscone Center in San Francisco.