Symantec Access Management

Transcript Office Hours for CA Advanced Authentication (Jul 20) 

Jul 20, 2015 03:05 PM

Kristen Malzone (CA) :

Welcome to CA Advanced Authentication Office Hours!

 

Kristen Malzone (CA) :

Our team of experts is standing by to answer your questions. Enter a question here in the chat window.

 

Kristen Malzone (CA) :

Hi Jeff! Hi Shashidhar! Thanks for joining us today

 

Kristen Malzone (CA) :

Hi Rishu! Thanks for joining!

 

Kristen Malzone (CA) :

Got a question about Risk Authentication or Strong Authentication? Ask it here in the chat window!

 

Kristen Malzone (CA) :

Hi Tony! Thanks for joining us today!

 

Tony Lawman :

@Kristen - thanks for welcome

 

Shashidhar :

Hello Kristen. Is this related to the Device DNA module which is now part of CA Single Sign on ?

 

Kristen Malzone (CA) :

@Shashidhar - These Office Hours cover the CA Risk Authentication and CA Strong Authentication products. Are you asking about Device DNA as it relates to CA Single Sign-On or CA Risk Authentication?

 

Shashidhar :

As it relates to CA Single Sign-On

 

Martin Yam :

@Shashidhar - you are asking about the Session Assurance capability in CA SSO.  It does use the same technology that we have in Risk Authentication, but it comes bundled into the CA SSO solution

 

Martin Yam :

It is session related only and does not carry any history about the users previous login attempts.

 

Martin Yam :

it is designed to protect against a fraud attempt that would steal the users SMSession cookie

 

Eduardo Tavares :

Hi guys! I have a question, regarding Risk Auth: in this latest release, we added the OOTB Behavioral Model (based on some predetermined "disciplines" of analysis). My question is: do we (still) offer customized Models (as Services implementation)?

For instance: a Loyalty Program customer wants to raise the risk if multiple rewards are claimed to the same address...


Shashi Dasari :

can AFM be leveraged when NOT integrating with Siteminder?

 

Charley Chell :

Eduardo, with our new 8.1 release we have opened the ability to plug in custom rules types and models, so yes, we can support such work.  The interface is part of our public API.  If you have needs for a specific model, such as loyalty programs then contact me offline

 

Charley Chell :

Yes Shashi, AFM supports both SiteMinder and non-SiteMinder integrations. 

 

Eduardo Tavares :

@Charley, this is great news! Thanks.

 

Charley Chell :

There's a lot of capability to use the wizard to define flows and then customize them to your needs.  The SiteMinder integration is just one of the pre-packaged "flows"

 

Shashi Dasari :

Great..! in a non-SM integration, how do I get the AFM war? 

 

Charley Chell :

AFM is distributed as of the software.  It is included in the Strong Auth package

 

Tony Lawman :

It's been over a year or more since I have worked with these solutions. Where would I look to find recorded sessions and technical sales presentations?

 

Martin Yam :

here is a link to current Advanced Authentication videos

 

Martin Yam :

Playlist for CA Advanced Authentication videos can be found at:

http://www.youtube.com/playlist?list=PLynEdQRJawmxKQnGSMjRRCAmLM_VVVgCq

 

Tony Lawman :

@Marty - great thanks. will definitely take look.

 

Kristen Malzone (CA) :

Did you know that you can submit and vote on ideas for upcoming releases in the CA Security Community? Go here to view Risk Authentication ideas: http://cainc.to/3tf8Es and go here to view Strong Authentication ideas: http://cainc.to/ubwNFK

 

Kristen Malzone (CA) :

15 minutes left! Get your final questions in now!

 

Jim Lundell :

Is the computed risk score able to be passed to applications?  Including the individual risk scores that made up the composite risk score?

 

Charley Chell :

The overall risk score as well as the rule results are returned in the API

 

Charley Chell :

There is a call, EvaluateRisk, which accepts information about the user, transaction, device, etc.; runs through the model and rules, and then returns three things: the risk advice (allow, require more auth, or deny), the score, and the yes/no results of all runes

 

Jim Lundell :

@Charley  Thanks.  To confirm, this is not returned as part of a CA SSO response but rather a separate call the application can make?

 

Charley Chell :

The same information should be available to your in the SSO xustom auth scheme.  That code calls this API

 

Kristen Malzone (CA) :

OK - that's all the time we have for today!

 

Kristen Malzone (CA) :

Please join us next month on August 17. RSVP here: https://communities.ca.com/events/2163

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.