Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
201
Views
0
Helpful
0
Replies

About the Duo device health check function

vnfmaqpfl1103
Level 1
Level 1

‎05-14-2025 07:02 AM - edited ‎05-14-2025 07:04 AM

I have a few questions for implementing device health features.

The current test configuration is as follows.

asa vpn(secure client) - ise(3.3) - duo cloud(native mfa)

When connecting to the vpn, 2fa authentication was completed through duo mobile.

-> Cisco ISE Auth API was implemented

 

The next test goal is to use the device health function to control access based on whether the security agent is installed.

I have installed the duo desktop, but I am having difficulty finding the device registration and authentication procedure.

I looked up the guide and it seems that I can apply the universal prompt to the secure client application..

 

The way I want is that when I try to connect to the vpn client (the username/password account information is held by the ise server and duo cloud), a universal prompt window appears and I want to connect after the final 2fa authentication through duo push.

During this process, access control operation also occurs based on whether the Windows Defender Security agent is installed.

There is also talk that SAML IDP communication between ISE and DUO is required, but there doesn't seem to be a detailed guide. I feel like I'm missing something, so maybe you could correct me.

Can someone give me some advice or clarification on this?

 

0 Helpful
0 Replies 0
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents