I considered the problem a while back and the closest I could come was a SAM template that monitors the processes and ports on the RSA servers.
Thinking about it now, I could also extend the template to scrape some of the RSA logs off the servers looking for items to alert on.
If you want to pursue a RSA user experience test, here are 2 ideas that might help
- I think the RSA service can be configured with static accounts that actually don't require a token to authenticate. I remember one of our RSA admins mentioning something like this as an alternate path into the RSA system that they use incase of a catastrophic RSA crash.
- There are software versions of RSA tokens (IOS for sure, Android and maybe windows/mac also). Perhaps using some elite scripting skills on a device that has a RSA sw token, you could actually do a RSA authenticated login and watch on the inside of the network for the session (whatever it is) to come up. If the scripted RSA user doesn't make it in, then trip an alert.
Chris