search cancel

Integration Symantec VIP with vCenter - VMware

book

Article ID: 258311

calendar_today

Updated On:

Products

VIP Service

Issue/Introduction

Is it possible to integrate Symantec VIP with vCenter from VMware?

Environment

Release : Enterprise Gateway - 9.10.1

Cause

vCenter does not support Radius authentication so integration is not possible for Radius.

Resolution

vCenter Single Sign-On allows you to authenticate as a user in an identity source that is known to vCenter Single Sign-On, or by using Windows session authentication. You can also authenticate by using a smart card (UPN-based Common Access Card or CAC), or by using an RSA SecurID token.

Two-Factor Authentication Methods

The two-factor authentication methods are often required by government agencies or large enterprises.
Smart card authentication
Smart card authentication allows access only to users who attach a physical card to the USB drive of the computer that they log in to. An example is Common Access Card (CAC) authentication.
The administrator can deploy the PKI so that the smart card certificates are the only client certificates that the CA issues. For such deployments, only smart card certificates are presented to the user. The user selects a certificate, and is prompted for a PIN. Only users who have both the physical card and the PIN that matches the certificate can log in.
RSA SecurID Authentication
For RSA SecurID authentication, your environment must include a correctly configured RSA Authentication Manager. If the Platform Services Controller is configured to point to the RSA server, and if RSA SecurID Authentication is enabled, users can log in with their user name and token.
See the two vSphere Blog posts about RSA SecurID setup for details.
Note:vCenter Single Sign-On supports only native SecurID. It does not support RADIUS authentication.

Additional Information

Understanding vCenter Server Two-Factor Authentication