While it's always recommended to test Rublon Multi-Factor Authentication (MFA) in a dedicated testing environment, we understand that this is not always feasible. If you must test Rublon MFA in your production environment, it is crucial to follow best practices to minimize disruptions and maintain security. This article outlines the steps and precautions to ensure a smooth testing experience.
Preparation Before Testing
1. Set Enrollment Type to Manual with Bypass
Before installing any Rublon connectors in your production environment, navigate to the Rublon Admin Console’s Settings tab and set the Enrollment Type to Manual with Handling of unknown users set to Bypass.
This configuration ensures that:
Users will not be prompted for MFA after the connector is installed.
Authentication processes remain unchanged from the user's perspective.
Users begin to appear in the Users tab of the Admin Console, allowing you to monitor and manage them without affecting their experience.
2. Understand Connector Requirements
Some Rublon connectors may require a restart of the operating system or machine on which they are installed. For example, installing the Rublon MFA for Windows Logon & RDP connector will necessitate a system restart, which can interrupt existing Remote Desktop Protocol (RDP) sessions.
Recommendations:
Plan for Downtime: Schedule the installation during off-peak hours to minimize disruptions.
Notify Affected Users: Inform users about the potential interruption in advance. Let administrators and support staff know about the testing to prepare them for any potential issues. Ensure users know how to reach IT support if they experience any problems.
During Installation
Set Fail Mode to Bypass
When installing a Rublon connector, you will have the option to set the Fail Mode. Setting the Fail Mode to Bypass is crucial during testing because:
If the connector cannot communicate with the Rublon API (e.g., due to firewall restrictions), the authentication process will bypass MFA instead of blocking access.
This prevents users from being locked out in case of connectivity issues.
To learn more about the Fail Mode, refer to:
Be Aware of System Restarts
As mentioned earlier, some connectors require a system restart. During installation:
Confirm Restart Requirements: Pay attention to any prompts indicating a restart is necessary.
Schedule Accordingly: If a restart is needed, ensure it's done at a time that minimizes impact.
After Installation
Checking the Rublon Admin Console
Check the Users List: Verify that users are appearing in the Users tab of the Admin Console.
Monitor Authentication Logs: Keep an eye on authentication attempts to ensure everything is functioning as expected.
Helpful Links
How should I configure my firewall for Rublon?
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article