This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Platform Online Documentation
Browse the official NetWitness Platform Online documentation for helpful tutorials, step-by-step instructions, and other valuable resources.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Versions
Collections
All Downloads

Table of Contents

Product Resources

Set Up Multi-Factor Authentication

You can set up Multi-Factor Authentication (MFA) for NetWitness using one of the following methods:

ADFS Log in to NetWitness with SecurID Passcode

Single Sign-On (SSO) functionality of NetWitness can be leveraged where the user authenticates using ADFS log in user interface with AD user credentials followed by the SecurID passcode.

Note: This method is suitable only for single AD users.

Prerequisites

  • The NetWitness Platform (NW) version 11.4 or later

  • MS Active Directory Federation Services (ADFS) - MS Windows Server 2012 R2 or later

  • MS Active Directory (AD) – MS Windows Server 2008 R2 or later

  • Authentication Manager (AM) 8.4 or later

  • Authentication Agent for ADFS 1.0 or later

Perform the following configurations:

  1. Configure Authentication Manager.
  2. Configure NetWitness.
  3. Configure ADFS.

Configure Authentication Manager

Configure Active Directory as an Identity Source in Authentication Manager using the steps described in the section Add an Identity Source.

Configure NetWitness

  1. Configure Active Directory for External Authentication to NetWitness using the steps described in the section Configure Active Directory.

  2. NetWitness must be configured for SSO using the steps described in the section Configure Single Sign-On.

Configure ADFS

ADFS must be configured for SSO in NetWitness. You must copy the exported metadata (see step 9 in Configure Single Sign-On) to ADFS and perform the following steps:

  1. Go to Server Manager > Tools > ADFS management > Trust Relationships.

  2. On the right-side, click Add Relying Part Trust > Start.

  3. Click Import data about the relying party from a file and select the metadata file.

  4. Click Next, and enter a display name.

  5. Click Next until the Close button is displayed.

  6. Ensure the Open the Edit Claim Rules option is selected.

  7. Click Close.

  8. In the Edit Claim Rules dialog, click Add Rule.

  9. In the Add Transform Claim Wizard dialog, click Next.

  10. Enter a claim rule name.

  11. In the Attribute Store drop-down menu, select Active Directory.

  12. In the Mapping of LDAP attributes table, on the left-side select SAM-Account-Name and on right-side, select Name ID.

    Note: Only one mapping is required.

  13. Click Finish.

  14. Click Apply.

  15. Click OK.

    Next you need to configure MFA using Authentication Agent in ADFS. The agent is freely available at (https://community.securid.com/t5/securid-authentication-agent-for/tkb-p/auth-agent-ad-fs-documentation) and for more information on configuration, see ® Authentication Agent 2.0.3 for Microsoft® AD FS Administrator's Guide.

PAM SecurID Log in to NetWitness for AD Users

In this method only SecurID Passcode is required for authenticating to NetWitness. Authentication Manager takes care of the authentication to AD without requiring the password from the user.

After the configuration, the user registered in the Active Directory can log in to NetWitness using the SecurID passcode.

Prerequisites

  • The NetWitness Platform (NW) version 11.0 or later

  • MS Active Directory (AD) – MS Windows Server 2008 R2 or later

  • Authentication Manager (AM) 8.2 or later

Perform the following configurations:

  1. Configure Authentication Manager.
  2. Configure NetWitness.

Configure Authentication Manager

Configure Active Directory as a Identity Source in Authentication Manager using the steps described in the section Add an Identity Source.

Configure NetWitness

Complete the additional configuration for Authentication Manager and NetWitness configuration as described in the section Configure PAM Login Capability.

 

Azure ADFS Log in to NetWitness

Note: This option for SSO is available only when using the SAML Token Based SSO which is available from Netwitness 12.4. Refer Configure ADFS for SAML Token Based Authorization for more information.

Prerequisites

  • NetWitness Platform (NW) version 12.4 or later

  • User must have read and write access to Azure Entra ID.

  • Install the Microsoft Authenticator app in your phone for additional security verification.

Perform the following configurations:

  1. Configure NetWitness

  2. Configure ADFS

  3. Enable MFA for Azure Entra ID Users

  4. Setting Up First Login for the MFA-enabled Azure Users

Configure NetWitness

NetWitness must be configured for SSO using the steps described in the section Configure Single Sign-On.

Configure ADFS

  1. Login to Azure Entra ID.

    1. Click New application.

    2. Click Create your own application and mention an appropriate name for the application (for example: Netwitness) and select non-gallery radio button then click Create.

  1. Add User/Group to the application.

    1. Select User and groups under the Manage tab. Click Add user/group.

    2. Click None Selected under Users/Groups.

    3. Select the User/Group and click Assign.

    4. Click None Selected under Select a role.

    5. Select the Role(s) and click Assign.

  1. Setup SAML based SSO.

    1. Click Single sign-on under Manage tab. Select SAML.

    2. Click Upload metadata file and select the metadata file.

    3. Edit the Attributes & Claims. Click Add a group claim.

    4. Select the groups associated with the user that should be returned in the claim and the Source attribute from the dropdown. Click Save.

      Note: user.userprincipalname and user.groups are required claims.

    5. Once you save the attributes, the Azure ADFS configuration is complete.

Enable MFA for Azure Entra ID Users

  1. Select Azure Entra ID from the left panel.

  2. Under the Manage tab, select Users.

  3. Click the Per-user MFA option at the top. Now, you will see a list of users populating in a new browser window.

  4. Select the user(s) for whom you want to enable the MFA and click the Enable option on the right panel.

  5. In the pop-up box, click the Enable multi-factor auth button to complete the set up.

Setting Up First Login for the MFA-enabled Azure Users

The below steps are for users to set up their first login and multi-factor authentication using the Microsoft Authenticator app.

  1. Login to the Microsoft Azure portal - https://portal.azure.com using the user credentials for which you have enabled the MFA.

  2. Once you login, you will be redirected to the Additional security verification screen. Select the Mobile app from the drop-down menu and select Receive notifications for verification. Click Next.

  3. Open up the Microsoft Authenticator app on your phone and scan the QR code shown. Click Next.

  4. Select your Country and enter the Mobile number. Click Next.

  5. You will get a password for your first login in this window. Copy and save the password securely and click Done.

  6. The first login set up is complete. When you try to log in to your Azure account for the first time, you will get a notification on your mobile device to verify the authenticity of your login attempt.

Now, when you login to Netwitness Portal using SSO, you will be navigated to the Azure MFA website for authentication.

 

 

 

 
 
Previous Page Next Page
0 Likes
Was this article helpful? Yes No
No ratings

On this page

© 2022 RSA Security LLC or its affiliates. All rights reserved.