Client Management Suite

 View Only

Token Based Authentication

  • 1.  Token Based Authentication

    Broadcom Employee
    Posted Nov 06, 2024 08:52 AM

    One of the most significant enhancements in 8.7.3 is the addition of token-based authentication for the Symantec Management Agent.

     

    Prior to ITMS 8.7.2, the Symantec Management Agent could only use the Account Connectivity Credentials (ACC) account to access secured resources on site servers and the Notification Server. 

     

    This posed a challenge in cases where customers have password reset policies in place and the environment is configured to lock out accounts after a specified number of consecutive unsuccessful authentication attempts.  In such cases, the administrator would change the password in Active Directory and then change the password of the ACC credentials in ITMS.  However, it would take some time for that password change to be synchronized throughout the environment, potentially resulting in the ACC account being locked out after several unsuccessful authentication attempts. To address this issue, support for agent tokens was added in 8.7.3. 

    In addition to agent tokens, ASDK and Internet Gateway support for token-based authentication was also added in ITMS 8.7.3, to enable customers to move away from the use of the ACC account.  That being said, the patch management APIs are separate from the ASDK and still require the use of the ACC account.  However, there are plans to implement token-based authentication for the patch management APIs.

    For more information on using ITMS with token-based authentication, please see the new white paper that has been published.