Troubleshooting guide
C: Glossary 113
RSA Authentication Manager 6.1 to 8.1 Migration Guide
instance
An installation of RSA Authentication Manager that can be set up as a primary
instance or a replica instance. An instance also includes a RADIUS server.
internal database
The Authentication Manager proprietary data source.
keystore
The facility for storing keys and certificates.
load balancer
A deployment component used to distribute authentication requests across multiple
computers to achieve optimal resource utilization. The load balancer is usually
dedicated hardware or software that can provide redundancy, increase reliability, and
minimize response time. See Round Robin DNS.
lower-level security domain
In a security domain hierarchy, a security domain that is nested within another security
domain.
minimum assurance level
See assurance level.
node secret
A long-lived symmetric key that the agent uses to encrypt the data in the
authentication request. The node secret is known only to Authentication Manager and
the agent.
on-demand tokencode
Tokencodes delivered by SMS or SMTP. These tokencodes require the user to enter a
PIN to achieve two-factor authentication. On-demand tokencodes are user-initiated, as
Authentication Manager only sends a tokencode to the user when it receives a user
request. An on-demand tokencode can be used only once. The administrator
configures the lifetime of an on-demand tokencode. See on-demand tokencode
service.
on-demand tokencode service
A service that allows enabled users to receive tokencodes by text message or e-mail,
instead of by tokens. You configure the on-demand tokencode service and enable
users on the Security Console.
Operations Console
An administrative user interface through which the user configures and sets up
Authentication Manager, for example, adding and managing identity sources, adding
and managing instances, and disaster recovery.
permissions
Specifies which tasks an administrator is allowed to perform.
preferred instance
The Authentication Manager instance that the risk-based authentication service in the
web tier communicates with first. Also, the instance that provides updates to the web
tier. Any instance can be the preferred instance. For example, you can configure a
replica instance as the preferred instance.