We started with the RSA Authentication Manager component (formerly known as RSA ACE/Server). This is the software engine that serves up the server side of the RSA SecureID authentication tokens. It was an easy install, and the documentation walked us through step by step from installing the software to initializing and managing the tokens. The reason we had to install a new RSA token manager server was that the older version, which the client had running for years, didn't support the new token/password integration feature that would completely eliminate the need for employees to know their passwords.
We installed the RSA Access Manager (formerly called RSA ClearTrust) and installed the RSA Web Agent product on the IIS server that hosted OWA. In a few hours, we had our first test servers up and running. We did have to call the RSA system engineer twice, but both times, we got them on the phone in under a minute, and the last guy gave us his cell phone number when he headed to lunch.
For the second stage of the pilot project, we planned to integrate the RSA SecureID-only idea with the client's existing Citrix investment. Citrix sent us their Citrix Access Gateway in both software and hardware appliance forms.
Again, installation was fully documented, and went pretty smoothly. We called a Citrix system engineer to confirm some of our findings, and again, we got fast, quick support. Within a day and a half, we had the test lab up and working.
Both RSA and Citrix impressed me. I've dealt with these firms a lot over the past decade, but it had been a few years since I'd interacted with them directly on a sustained new pilot project. Installing RSA ACE/Servers and Citrix Web server farms has become a pretty rock-solid process these days.
To be honest, on a project like the one I was performing, I expected both vendors to oversell what they could do and provide crappy documentation and nonexistent tech support. What I found was the exact opposite. Both RSA and Citrix had quality products, were responsive, and had great integration documentation. I can say this: If you are thinking of getting away from passwords, RSA and Citrix have a great integration solution for you.