Is Native SecurID Supported in NG?

[BarryStiefel]

Is Native SecurID Supported in NG?



Yes, native SecurID authentication IS supported in NG FP3 - even on IPSO. In earlier NG releases, native SecurID wasn't possible, though if you configured your SecurID server as a RADIUS server, Check Point could be configured as a RADIUS client to communicate to the SecurID server.

NG FP3 and above uses the new ACE 5 API with support for load sharing between replicas. The initial authentication exchanges the node secret and a file called sdstatus.12. This file has information on replicas and their priority. Priority is based on a periodic round trip time test. Various reports have suggested that ACE Server 5.0.2 or better is required to work in NG, previous versions will have major issues.

-- PhoneBoy - 29 Dec 2003

FAQForm FAQs.Class: AuthenticationFAQs OperatingSystem?: FAQs.Version: NG FP3