RSA SecurID Ready Implementation Guide
Last Modified 9/4/02
1. Partner Information
Partner Name Datum
Web Site http://www.datum.com/
Product Name
Version & Platform 2100
Product Description
Product Type Dedicated Time Service
TymServe
TymServe
from multiple time sources. Computer networks and systems can be
automatically and accurately synchronized.
provides a single, unbiased time reference that draws
1
2. Contact Information
Sales Contact Support Contact
E-mail tymserve@datum.com support.tymserve@datum.com
Phone 781-372-3636 781-372-3675
Web www.datum.com
www.datum.com
2
3. Solution Summary
The TymServe product co-exists with an ACE/Server on the same system,
assuring that the system clock that the ACE/Server relies upon is as accurate as
possible. Because SecurID authentication is based on time synchronization
between RSA SecurID tokens and the ACE/Server, this prevents clock drift of the
server, making SecurID authentications more reliable. An accurate system clock
also assures that ACE/Server audit trail messages include accurate time stamps for
activity.
4. Product Requirements
Client Software
The TymServe is a stand-alone timeserver that distributes time over a TCP/IP
network including Internet, using the Network Time Protocol, NTP. The TymServe
acts as a primary timeserver that broadcasts or responds to the specific time
request packet to the server, the server affixes its current time and returns the
packet, and the client software processes the time data to adjust its local clock.
Sources from where the NTP client software can be obtained and advice on how to
install the client software is given in the reference listing in the back of the
TymServe 2100 Network Time Server User’s Guide.5.
5. Partner ACE/Agent configuration
ACE/Server has been tested and certified to operate on a server that is using
Datum’s TymServe 2100 timeserver. There are no extraordinary configuration
requirements for RSA ACE/Server in this environment, and there is no impact to
either ACE/Server’s operation or the timing service provided by Datum.
3
6. Certification Checklist
Date Tested: Wednesday, May 01, 2002
The following tests were performed with RSA’s ACE/Agent for Windows NT to assure
proper agent and ACE/Server operation when TymServe is used to derive time on the
same system:
Product Tested Version
ACE/Server 5.0.01
ACE/Agent N/A
TimeServ 2100
Test
1st time auth. (node secret creation)
New PIN mode:
System-generated
Non-PINPAD token P P
PINPAD token P P
User-defined (4-8 alphanumeric)
Non-PINPAD token P P
Password P P
User-defined (5-7 numeric)
Non-PINPAD token P P
PINPAD token P P
SoftID token P P
Deny 4 digit PIN P P
Deny Alphanumeric P P
User-selectable
Non-PINPAD token P P
PINPAD token P P
PASSCODE
16 Digit PASSCODE P P
4 Digit Password P P
Next Tokencode mode
Non-PINPAD token P P
PINPAD token P P
Replica Servers
User Lock Test (ACE Lock Function)
No ACE/Server
P
P P
P P
ACE
RADIUS
JRV *P=Pass or Yes F=Fail N/A=Non-available function
4
7. Known Issues
• None
5
Loading...