.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
Cisco Umbrella - SecurID Access Implementation Guide
Cisco Umbrella - SecurID Access Implementation Guide
Certified: April 31, 2021
Solution Summary
Use Case
When integrated, Cisco Umbrella end users must authenticate with RSA SecurID Access to sign in. Cisco Umbrella can integrate using SSO Agent or Relying Party.
Integration Types
SSO Agent integrations use SAML 2.0 or HFED technologies to direct users’ web browsers to Cloud Authentication Service for authentication. SSO Agents also provide Single Sign-On to other applications using the RSA Application Portal.
Relying party integrations use SAML 2.0 to direct users’ web browsers to Cloud Authentication Service for authentication.
Supported Features
This section shows all of the supported features by integration type and by RSA SecurID Access component. Use this information to determine which integration type and which RSA SecurID Access component your deployment will use. The next section in this guide contains the steps to integrate RSA SecurID Access with Umbrella for each integration type.
Cisco Umbrella Integration with RSA Cloud Authentication Service
- Authentication Methods: RSA SecurID
- Authentication API: -
- RADIUS: -
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: LDAP Password
- Authentication API: -
- RADIUS: -
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: Authenticate Approve
- Authentication API: -
- RADIUS: -
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: Authenticate Tokencode
- Authentication API: -
- RADIUS: -
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: Device Biometrics
- Authentication API: -
- RADIUS: -
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: SMS Tokencode
- Authentication API: -
- RADIUS: -
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: Voice Tokencode
- Authentication API: -
- RADIUS: -
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: FIDO Token
- Authentication API: n/a
- RADIUS: n/a
- Relying Party: ✔
- SSO Agent SAML: ✔
- SSO Agent HFED: -
- Authentication Methods: Identity Assurance
- Authentication API: -
- RADIUS: -
- Relying Party: -
- SSO Agent SAML: -
- SSO Agent HFED:
Cisco Umbrella Integration with RSA Authentication Manager
- Authentication Methods: RSA SecurID
- Authentication API: -
- RADIUS: -
- Authentication Agent: -
- Authentication Methods: On-Demand Authentication
- Authentication API: -
- RADIUS: -
- Authentication Agent: -
- Authentication Methods: Risk-Based Authentication
- Authentication API: n/a
- RADIUS: -
- Authentication Agent: -
- Column 1: ✔
- Column 2: Supported
- Column 1: -
- Column 2: Not supported
- Column 1: n/t
- Column 2: Not yet tested or documented, but may be possible.
- Column 1: n/a
- Column 2: Not applicable
Configuration Summary
Cisco Umbrella is the enterprise network security product suite designed to enforce security policies for mobile employees who work beyond the corporate network using roaming devices like laptops, mobiles etc. and provides granular network security for all devices behind the network perimeter. IT administrators can define policies, provision devices, and view reports across users, sites, networks, groups, and devices. The company also launched the Security Graph which is a data-driven threat intelligence engine that automatically updates malware, botnet, phishing domain and IP blacklists enforced time to time. Cisco Umbrella does not provide feature of auto-provisioning the user
The following links provide instructions on how to integrate Cisco Umbrella with RSA SecurID Access.
This document is not intended to suggest optimum installations or configurations. It assumes that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and Cisco Umbrella components must be installed and working prior to the integration.