Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring Global Settings > Configuring two-factor authentication
Configuring two-factor authentication
Security Manager Help | Web, Data, and Email Protection Solutions | v8.5.x
Use the page Global Settings > General > Two-Factor Auth to manage the use of two-factor authentication for administrator logons.
 
Note 
Two-factor authentication requires administrators to provide two forms of identification when logging on to the Security Manager.
Access to Forcepoint Mobile Security is not covered by two-factor authentication; you must log on to the cloud-based console using your regular user name and password.
The following methods are available:
*
*
If you choose to enable RSA SecurID authentication:
*
*
*
*
To set up Security Manager RSA SecurID authentication:
1.
In the section RSA SecurID Authentication, mark the check box Authenticate administrators using RSA SecurID authentication.
2.
Enter a valid User name and Passcode for RSA SecurID logon.
The user must be able to authenticate with RSA Authentication Manager but does not have to be a Security Manager administrator.
3.
Click Test Connection to RSA Manager.
The connection test must be successful before the Security Manager allows changes to be saved on this page. The results of the test are displayed next to the Test Connection button; for more information on these results, see Test connection to RSA Manager results.
4.
This means that any administrators configured on the page General > Administrators can log on using their local or network credentials as a fallback. If you do not select this option, RSA authentication is the only option for all administrators except the "admin" account created during installation.
5.
The settings are saved.
To set up Security Manager certificate authentication:
1.
In the section Certificate Authentication, mark the check box Authenticate administrators using client certificate authentication.
2.
To enable attribute matching, in the section Certificate Matching, mark the check box Use attribute matching as a fallback method and select whether it applies to all administrators or only to administrators without certificates in the Security Manager.
To configure the attributes used for matching, click Configure Attribute Matching, then see Setting up attribute matching.
3.
When certificates are successfully imported, a success message is displayed at the top of the page. If any of the certificates are not imported correctly, you can upload a certificate for each network administrator on the page General > Administrators > Edit Network Account.
4.
In the section Root Certificates, click Add to add a root certificate for signature verification. There must be at least one root certificate in the Security Manager for two-factor authentication to operate.
*
5.
6.
In the section Password Authentication, to enable password authentication as a fallback method, mark the check box Allow password authentication to log on to the Security Manager for: and select whether it applies to all administrators or only to administrators without certificates in the Security Manager.
 
Note 
7.
The settings are saved.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring Global Settings > Configuring two-factor authentication
Copyright 2018 Forcepoint. All rights reserved.