Rsa Securid App

  • Open an application. Follow the instructions in your VPN or browser. For example, you might need to use your fingerprint in the RSA SecurID Authenticate app. If you need to use the Authenticate app, you will receive information from your administrator explaining how to register your device with RSA SecurID.
  • In the RSA SecurID app on your mobile device, enter your PIN to obtain a passcode. At the Enter PASSCODE prompt in the CLI terminal, enter the RSA SecurID passcode displayed in the app. At the next prompt, enter your default NAS password. Change your default NAS password. (See Password Creation Rules.) It may take up to 15 minutes for the new.

Install RSA SecurID App on Mobile Device To install the RSA SecurID token app onto your mobile device: 1. Go to the App Store icon on iOS device or Google Play on Android device 2. Search for “RSA SecurID” 3. Install the RSA SecurID app. Device account password may be required.

To increase protection of your accounts against fraud, internet scams and other cyber threats, NCB has implemented security technology, RSA SecurID token (security tokens). This solution is a globally recognised security tool used by many banks to protect confidential information and assets.

The security token provides a unique code that, along with your PIN, will be required to:

  • Login to your NCB Online Banking accounts and
  • Validate transactions

Customers have the option of a ‘soft token’ via a mobile app on a smartphone or a ‘hard token’ via a physical device. We encourage you to sign up for your RSA token today, if you have not already done so. Note that currently, a token is required to do the following transactions - Third Party Transfers, Wire Transfers and to Add/Transfer to Beneficiaries. Effective May 20, 2019, RSA Tokens will be required to access NCB Online Banking.

How do you get a token?

  • Visit NCB Online and login using the current process
  • For Soft Tokens
    • Download the RSA SecurID Software Token from the appropriate mobile app store
    • Select Mobile App
    • Follow onscreen instructions to register
  • For Hard Tokens
    • Select Physical Device -->location to collect device
    • Collect device at selected location
    • Log back into NCB Online and follow the onscreen instructions

For additional information, please review the FAQs, view the registration demos or feel free to contact our dedicated line everyday from 6:00am - 10:00pm at (876) 936 - 4374. For 24 hr assistance, call Customer Care Centre at 888-622-3477.

SECURITY TIP: NCB will never send you an email requesting that you click a link, or download an attachment, in order to update your information. If you have questions about the authenticity of an email, immediately report to our Customer Care Centre.

This application was designed to give users usable data surrounding the activity taking place on their RSA SecurID appliances. This application will work with both the RSA SecurID Appliance 130 and 230 models.

Pre-deployment Assumptions:

  1. The RSA appliances are configured to send SNMP traps and allow SNMP read access using SNMPv2.
  2. The Splunk server is accepting SNMP traps and logging them to /var/log/snmptraps.log or the SNMP traps are being absorbed by Splunk in some manner and given a sourcetype name 'snmptrap'.
  3. The Splunk server has SNMP access to the RSA appliance.
  4. The snmpget command is installed and in your $PATH

Application Configuration:

Scripted Inputs: For the 'Network Activity' view to properly work there is a scripted input that needs to be configured. This scripted input uses the snmpget command to retrieve specific values from the device. If you have multiple devices then you need to configure multiple scripted inputs. Follow these steps:

1. Copy the sample inputs.conf file from $SPLUNK_HOME/etc/apps/RSASecurID/default/inputs.conf to your local folder, just so no changes are overwritten if the application is updated.

Rsa Securid App Android

2. Edit the inputs.conf file and change the script stanza to reflect your device configuration:

App

[script://$SPLUNK_HOME/etc/apps/RSASecurID/bin/getSnmpData.sh public 1.1.1.1]
disabled = 1

Rsa

Change 'public' to be the community name configured on your appliance that has read access. Change '1.1.1.1' to be the IP Address of your appliance. Change 'disabled = 1' to 'disabled = 0' to enable the scripted input.

3. If you have multiple appliances, just copy/paste the [script://] stanza for as many appliances as you have and configure the appropriate values as mentioned above.

Monitored Inputs: There is an example [monitor://] stanza in the inputs.conf file. Configure this for the proper location of the file that your SNMP traps are being logged to. If the SNMP traps are already being indexed by Splunk then this can be ignored.

Reports in this Application:

Summary View:

  • All Users Accessing the Device(s)
  • Count of Events (5min spans)
  • Total Failed/Successful Logins (5min spans)
  • Top Ten Connecting Hosts
  • Top Ten Actions

Rsa Securid Application

User Activity View:

  • Successful Actions
  • Failed Actions
  • Successful Action Reasons
  • Failed Action Reasons
  • Login Failures by User
  • After Hours (<9am and >5pm) Admin Events
  • System Level Actions
  • Runtime Level Actions
  • Admin Level Actions

Network Activity View:

Rsa Securid App Mac

  • Received KBytes by Interface
  • Transferred KBytes by Interface
  • Total Inbound Packets by Interface
  • Total Outbound Packets by Interface
  • Total TCP In/Out Segments
  • Total UDP In/Out Segments
  • Total TCP Active/Passive Connections Opened
  • Total TCP and UDP Error Counts
  • ICMP In/Out Messages
  • ICMP Inbound Echos
  • ICMP In/Out Destination Unreachables

TODO:

Rsa Securid App Store

  1. Making the Event Search form prettier
  2. Add a correlation view to detect abnormalities in the events