Template SoW: RSA 6.1 to 8.1 Single Hardware Appliance Migration with Citrix Access Gateway

Scope of works:

 Consultancy

1 Days RSA Authentication Manager Consultancy

  • Installation RSA 130 Appliance
  • Migration of data from version 6.1 to version 8.1

 Scope of Work

 Installation of Primary RSA 130 Appliance

  • Integrate with Citrix Access Gateway – 4.5
  • Confirm migration by testing authentication
  • Provide skills transfer as time allows

Caveats

RSA Installation

  • Customer to supply RSA version 8.1 Appliance, Tokens, token seed Files & licenses
  • 8.1 License file may need to be downloaded from RSA Download Central at https://download.rsasecurity.com if not already obtained
  • Use the credentials and the license serial number  that RSA e-provided to you to log on to the site and download the license file. If you did not receive an e-mail with the logon credentials, contact the RSA Exceptions (support) Desk by sending an e-mail with your contact information and license serial number (provided in your order confirmation) to support@rsa.com or contacting 01344 781100
  • Further details on the process are available in a 5 min youtube video here: http://www.youtube.com/watch?v=5e9tawZ8JfU
  • The location of the license file before running the appliance Quick Setup Process
  • The network information for each appliance must be provided: the fully qualified domain name (FQDN), static IP address, subnet mask, default gateway, and DNS server IP addresses
  • RSA Servers will need fully qualified Hostnames configured in DNS (forward & reverse lookups)
  • RSA server will need to be synced to an NTP time source – it is assumed that this is the same time source as previous installation – differences in time can impact user authentications
  • Any Firewalls must be configured to allow all RSA & other components to communicate with one another
    • HTTPS, TCP 7004 & 7072 Ports required for Administration Consoles – these must be allowed through Firewalls from wherever administration performed on network
    • UDP 5500, 1812, 1813 required for RSA Authentication from Citrix
  • A test Agent can also optionally be installed to Windows PC to test Authentication of system prior to migration of 6.1 Data if required – the agent is freely downloaded from the RSA website here: http://uk.emc.com/security/rsa-securid/rsa-authentication-agents/windows.htm

Third Party Product integration

  • Integration with Citrix Access Gateway will be configured based on supported configuration as determined by documentation at https://www.rsasecured.com
  • The versions of third party agents are assumed to be versions listed in the guides on the https://www.rsasecured.com site.
  • Number of 3rd party product testing post migration will be as time allows – unless exact number is determined before consultancy.
  • Customer is responsible for any integrated 3rd party products.

Migration of 6.1 Data

  • Current RSA version is Authentication Manager 6.1.2 with a Primary & Replica – version 8.1 will only be installed on single purchased appliance
  • Existing version must be already installed & working correctly
  • Full connectivity to 6.1 Installed RSA systems and Administrative Access to be supplied
  • Downtime to stop RSA 6.1 Server to take database dump files – 15minutes
    • Migrating Log data is optional
    • Migrating any replica Server data is optional
  • Ability to copy dump files & other required files between 6.1 & 8.1
  • Migration of data is assumed to be migration of agents, user accounts, tokens, PINS and associated user data only – other configuration may require manual setup post migration.
  • If integrated with Active Directory – Usernames used in 6.1 environment must match those in Active Directory in order for migration to succeed to 8.1 if transferring a static user list to an Active Directory user list

Citrix Access Gateway integration

  • New Appliance to be integrated with Citrix Access Gateway Appliance via either a change to Citrix Access Gateway Configuration or by using previous RSA Appliance IP addresses

Post Implementation

  • Basic Skills transfer as time allows

Outside Scope

  • Advanced features such as:
    • 8.1 Webtier components – for external published access to Self-Service Console, use of Risk Based Authentication, Dynamic Seed Provisioning of Software Tokens (Most customers rarely use/need these components)
    • Self-Service Console can be used for internal use only
    • User Self service Token Provisioning component
    • Trusted Realm Deployments
    • Any other RSA consultancy requirements and RSA features not discussed in scope of work & caveats are outside agreed scope of consultancy.
    • Documentation
      • Basic screenshots of installation process can be done as time allows if required

 Time

  • 1 Day consultancy
  • All work done as time allows and assumed no time consuming change control process on the days involved impacting changes

The Boy and The sea ———– أمام البحر قد وقف

1

هذا البحر الممتد حتى الأفق البعيد

This sea extends until the far horizon
2

أتسمع صوت أمواجه؟

Do you hear the sounds of its waves?
3

أجل. وكأنها تحكي قصته العجيبة

Yes, like it is telling it’s amazing story
4

انظر إلى ذلك الصبي الواقف أمامه،

Look at that boy standing in front of it
5

كأنه يتحدث إليه

Like he is talking to it
6

إنه يسأله عن أسراره

Verily he is asking about its secrets
7

والبحر يجيبه

And the sea is answering

 

8

أمام البحر قد وقف       

In front of the sea he stood
9

صبي يجمع الصدف

A boy collecting shells
10

وحين الموج بلله

And when the wave drenched him
11

أحس البرد فارتجف

He felt the cold and shivered
12

سؤال عابر فار

A passing question rankled
13

بنفس الطفل فاحتار

With the boys soul and then he wondered
14

يرى بحرا ولا يدري

He sees a sea he does not know
15

له معنى ولا هدفا

For him a meaning and no objective
16

يحار القلب والفكر

It perplexes the heart and the mind
17

فمن سَوَّاك يا بحر

Then who shaped you O sea?
18

جلال روعة سر

A majestic awesome mystery
19

تُحّيِّر قلبا من وصف

It confused a heart who it described
20

وراح البحر يتسم

And the sea leaves making him believe
21

وبالشطآن يرتطم

And with the devil he collided
22

وحين الطفل أحرجه

And when the boy embarrassed him
23

أزاح الصمت واعترف

He brushed aside the silence and he acknowledged
24

وقال البحر يا ولدي

And the sea said O boy
25

سل الأسماك في كبدي

Unsheathe the fish inside
26

وسل موجي تجد قلبي

And Unsheathe my wave to find my heart
27

بحب الله قد هتف

With the love of Allah he called out
28

إله الكون سوّاني

The God of the universe arranges you
29

ومن يرعاك يرعاني

And who looks after you looks after me
30

تبسم بعدها الطفل

He smiles after it, the boy
31

وحيّ البحر وانصرف

Inspired by the sea, he departs