With the release of Kaseya VSA R9.1 new capabilities have been added. Please see this article for the rest of the R9.1 release notes.
Kaseya introduces a new addon module with this release, integrating AuthAnvils identity and access management (IAM) solution with the Kaseya VSA. Integration with the VSA comprises three different AuthAnvil services.
- Two Factor Authentication
- Password Server
- Single Sign On
Two Factor Authentication
Integration enables two factor authentication for:
- Users logging into the VSA
- Users logging into Kaseya agent managed Windows servers and workstations
- Remote control sessions started from within the VSA
- Live Connect sessions, set independently from other types of remote control sessions
Alerts and logging are provided for all two factor authentication activity. Active Directory integration is supported. You can optionally enable endpoints with a "queue" of passcodes to support authentication when endpoints cannot connect to a network, for example laptops out in the field.
The same AuthAnvil module includes integration with Password Server. Password Server is used to configure and store all the credentials VSA administrators are required to work with, on behalf of multiple customers. Password Server includes the ability to set policies for credentials, control user access to each credential using personal, private and shared vaults, schedule password updates, and maintain logs of credentials usage. Password Server supports both SAML-enabled logons that allow immediate access and logons that require a business workflow to complete the logon. Password Server can optionally include the two factor authentication credentials youve created using the Two Factor Authentication service.
Single Sign On
A credential, with or without two factor authentication, can be added as a "menu app" item to the Single Sign On service. Once the Single Sign On menu is configured, the VSA user only needs to authenticate oncetypically using two factor authenticationto gain access to this menu. Clicking any app in the menu provides instant access to any other resource without having to re-authenticate. The three services, integrated with the VSA, handle all authentications entirely behind the scenes, providing immediate, highly- secure access to all the machines you manage.
One of the applications you can add to each VSA user's Single Sign On menu is an app to logon to the VSA. This means the Single Single On menu provides immediate, secure access to the VSA as well as all other resources VSA users require to perform their daily tasks.
Agent Procedure Approvals using Two Factor Authentication
Instead of signing and then approving agent procedures using two different VSA users, you can now sign and approve agent procedures using your 2FA passcode, if Two Factor Authentication has been enabled for your VSA user.
VSA Logon Page
The style of the VSA logon page has been updated to emphasize the VSA's new identity and password management capabilities. It also adapts when resizing the window.
The AuthAnvil integration addon module for VSA is installed by default at no charge when you upgrade to R91. AuthAnvil is purchased separately. All three AuthAnvil services must be installed on a separate system from the KServer. Usually all three services are installed on the same system, along with the database server used by the AuthAnvil services.
If you are not an existing AuthAnvil customer please contact email@example.com for more information about purchasing AuthAnvil.
If you have any questions or need some help, we would be happy to assist. Open a case at kaseya.zendesk.com .