We are using RSA as authentication server for Networking Devices Authentication(Cisco ASA, Cisco 6506, Cisco 35xx). Now If We authorized an user in RSA to login to ASA then he simply "log in" to Firewall. So this way it allowes al the RSA users(what if RSA users are 100+) to login to ASA and then can play with it(Sounds really scary).
Being a Network Admin I also need to depend on RSA for authentication. Now here are my Questions:
1.> Is there any way to give locally authentication to Network Admins.
2.> All RSA users can login to ASA. I understand as we have configured RSA as authentication server so It will happen. But can't we control there privilage level and access limitations to ASA and other Networking Devices ?