Vin McLellan <me> wrote:
> > The ACE/Server's administrative capabilities have been enormously
> > upgraded in recent versions (v.4.X) -- but it is still not trivial to set
> > it up the RSA authentication server, or to manage it over time.
Paul D. Robertson <[EMAIL PROTECTED]> replied:
>Not to mention the lack of Linux client library support unless you want to
>pay an exorbitant consulting fee. :(
Hi Paul:
Hot News flash off the Mojo! The ACE/Agent for Linux should be
available free from RSA in the near future. RSA and Red Hat recently
concluded a deal that broke the logjam for ACE/Agents on Linux, although I
haven't seen any formal announcements yet.
I understand that Red Hat offered to ship the RSA ACE/Agent for
Linux on the Red Hat CD -- presumably for Red Hat 7.X, sometime next year.
Meanwhile, RSA will make its ACE/Agent for Linux -- recently
requalified for Red Hat Linux 6.2 -- available for download off its website.
I don't know the timetable on this, but it should be available
soon. Check out:
<http://www.rsasecurity.com/products/securid/rsaaceagents.html>
That's the URL where RSA offers free ACE/Agents for WinNT, Win2K,
UNIX (Solaris, HP-UX, AIX), Domino, iPlanet, Novell (NMSA/NDS) and Novell
Netware Connect. AFAIK, the only agents for SecurID authentication that RSA
still charges for are the "Big Blue" ACE/Agents, for the IBM AS400 and IBM
mainframes.
(Sean, fyi: Version 1.0 of the Win2K ACE/Agent -- which is also
being distributed on Microsoft's Win2K CD -- also provides ACE/SecurID
support for Win2K VPNs using EAP. The Windows ACE/Agents also support IIS.)
RSA will support only Red Hat Linux, I was told. RH Linux has
reportedly been the focus of 8 out of 10 Linux questions RSA has received
from its current customer sites.
RSA still doesn't have its own ACE/Agent for Apache, although
their various ACE/Agents for the Web -- IIS, iP, Domino -- have been pretty
popular.
Many of the RSA Sales Support Engineers (SSEs) now seem to point their
customers toward Patrick Asty's SecurID module for Apache:
<http://www.micronet.fr/~pasty/mod_securid>
For several years, RSA has also steered its Apache-minded
customers toward one of several RADIUS modules for Apache, since a RADIUS
server is integrated into the ACE/Server. (It's a popular combination. The
ACE/Server and the RADIUS server can now even share a single RDBS for user
records.)
Suerte,
_Vin
PS. I've been a consultant to RSA for many years, but I don't speak for
anyone but myself. RSA speaks for itself. Please don't redesign your
network until after RSA confirms the availability of its ACE/Agent for
Linux. Plans can change, agreements can fall apart, etc.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
