Owner's manual
Table Of Contents
- Chapter 1: Introduction
- Chapter 2: Accessing CC-SG
- Chapter 3: Configuring CC-SG with Guided Setup
- Chapter 4: Creating Associations
- Chapter 5: Adding Devices and Device Groups
- Chapter 6: Configuring Nodes and Interfaces
- Chapter 7: Adding and Managing Users and User Groups
- Chapter 8: Policies
- Chapter 9: Configuring Remote Authentication
- Chapter 10: Generating Reports
- Audit Trail Report
- Error Log Report
- Access Report
- Availability Report
- Active Users Report
- Locked Out Users Report
- User Data Report
- Users in Groups Report
- Group Data Report
- AD User Group Report
- Asset Management Report
- Node Asset Report
- Active Nodes Report
- Node Creation Report
- Query Port Report
- Active Ports Report
- Scheduled Reports
- CC-NOC Synchronization Report
- Chapter 11: System Maintenance
- Chapter 12: Advanced Administration
- Appendix A: Specifications (G1, V1, and E1)
- Appendix B: CC-SG and Network Configuration
- Appendix C: User Group Privileges
- Appendix D: SNMP Traps
- Appendix E: Troubleshooting
- Appendix F: Two-Factor Authentication
- Appendix G: FAQs
- Appendix H: Keyboard Shortcuts

APPENDIX F: TWO-FACTOR AUTHENTICATION 235
Appendix F: Two-Factor Authentication
As part of CC-SG RADIUS based remote authentication, CC-SG can be configured to point to a
RSA RADIUS Server which supports two-factor authentication via an associated RSA
Authentication Manager. CC-SG acts as a RADIUS client and sends user authentication requests
to RSA RADIUS Server. The authentication request includes user id, a fixed password, and a
dynamic token code.
Supported Environments
The following RSA Two-Factor Authentication components are known to work with CC-SG.
• RSA RADIUS Server 6.1 on Windows Server 2003
• RSA Authentication Manager 6.1 on Windows Server 2003
• RSA Secure ID SID700 hardware token.
Earlier RSA product versions should also work with CC-SG, but they have not been verified.
Setup Requirements
Proper configuration of an RSA RADIUS Server and RSA Authentication manager is beyond the
scope of this guide. Please consult the RSA documentation for additional information.
Note, however, that the following procedures must be completed:
1. Import Tokens
2. Create a CC-SG user and assign a token to the user.
3. Generate a user password.
4. Create an Agent Host for the RADIUS server.
5. Create an Agent Host (type: Communication Server) for CC-SG.
6. Create a RADIUS CC-SG client.
Known Issues
The RSA RADIUS “New PIN” mode that requires a challenge password/PIN will not work.
Instead, all users in this scheme must be assigned fixed passwords.