Professional Documents
Culture Documents
[Sprint I]
AC-CORE II
Drivers
Compliance in specific verticals
Desire for stronger authentication
Constraints
Should involve minimal or no
incremental cost to customers
Customers should not need to
install anything or incur lot of
effort
Samp
le
Solution Setup
A single VIP Reseller account will be setup for
Mobility
A Mobility Operations team will be responsible for
managing this account
Each Mobility customer that wishes to have 2FA for MM will
get a new VIP Account (but no VIP Manager access) for free
The solution supports both SaaS and On-Prem scenarios in
the same way every customer gets a VIP account
There is no API set/ automation/ code integration possible
Operations team as described above will manage setting
up member account for each tenant
Each member account so created shall go through an
approval process on VIP side (takes 3-4 working days)
Overview Workflow
Tenant Admin
Initialize Set
up
Request 2FA
Provisioning
Request Sent
Ops Personnel
Create VIP
Tenant Account
Configure VIP
Policy
Run Script to
send success
email
Tenant Admin
SaaS: Enable
2FA
On-Prem:
Verify Key and
Enable 2FA
5
1
0
1
1
Script output
Notification in Admin Inbox.
$ cd /usr/local/nukona/appstore_cu
setings.APPSTORE_ROOT
1
2
1
3
1
4
MM
Login/Pwd
Second-Factor
Authentication
VIP OTP
1
5
1
6
1
7
1
8
1
9
2
0
2
1
2
2
2
3
Script output
Notification with verification key
2
4
2
5
2
6
2
7
MM
Login/Pwd
Second-Factor
Authentication
VIP OTP
2
8
Additional Scenarios
2
9
Exceptions
SaaS
No exception scenario on SaaS model
On-Prem
Request got rejected for first time 2FA provisioning
Expiration workflow
Request got rejected for recurring user having 2FA
3
0
3
1
Verification Key
Your VIP configuration request has been rejected due to issues in the
certificate uploaded. Please request again by uploading a new valid
certificate.
OK
3
2
Rejecte
d
3
3
Thank you!
AC-CORE II
DL-ENG-EME-ACCORE2@symantec.com
Copyright 2011 Symantec Corporation. All rights reserved.Symantec and the Symantec Logo are trademarks or registered trademarks
of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this
document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to
change without notice.
3
4