Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5359
Views
0
Helpful
3
Replies

Can we Integrate ISE with Yubikey MFA for Device Administrator

Go to solution
hashimwajid1
Level 3
Level 3

‎11-28-2018 05:35 AM - edited ‎11-28-2018 06:40 AM

Hi, 

 

we want to integrate Yubikey MFA solution with Cisco ISE for Device administration (SSH with Tacacs).  is there any way that we can achieve this by using Yubikey.

 

currently Yubikey MFA is being use for windows login in enviornment but now customer want it for device ssh authentication as well 

 

is there any way that we can achieve Switches and Routers Authentication by using Yubikey.

 

Thanks in Advance

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Surendra
Cisco Employee
Cisco Employee

‎11-28-2018 08:56 AM

I am not an expert on Yubikey by any means but I don't think Yubikey is applicable for device administration to start with since it is a hardware token AFAIK. Here is the link for the Yubikey catalog where device administration is not an option at all https://www.yubico.com/works-with-yubikey/catalog/#key=all&usecase=all Screen Shot 2018-11-28 at 10.24.47 PM.png

View solution in original post

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Surendra

‎11-28-2018 09:05 AM

Correct, if it works similar to other solutions you might be able to utilize it. I would recommend reaching out to them to see how it may work and also use the example belows to help guide you

https://community.cisco.com/t5/security-documents/two-factor-authentication-on-ise-2fa-on-ise/ta-p/3636120
https://community.cisco.com/t5/security-documents/using-duo-with-ise-2-3-and-acs-5-x-for-2fa-cisco-network-admin/ta-p/3642171

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Surendra
Cisco Employee
Cisco Employee

‎11-28-2018 08:56 AM

I am not an expert on Yubikey by any means but I don't think Yubikey is applicable for device administration to start with since it is a hardware token AFAIK. Here is the link for the Yubikey catalog where device administration is not an option at all https://www.yubico.com/works-with-yubikey/catalog/#key=all&usecase=all Screen Shot 2018-11-28 at 10.24.47 PM.png

0 Helpful

Go to solution
hashimwajid1
Level 3
Level 3
In response to Surendra

‎11-28-2018 09:04 AM

Hi Surendra,

Thanks for your quick response,

can you confirm which will work fine with ISE
GMALTO or DUO mfa with ISE for Device Administration ?

Regards
0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Surendra

‎11-28-2018 09:05 AM

Correct, if it works similar to other solutions you might be able to utilize it. I would recommend reaching out to them to see how it may work and also use the example belows to help guide you

https://community.cisco.com/t5/security-documents/two-factor-authentication-on-ise-2fa-on-ise/ta-p/3636120
https://community.cisco.com/t5/security-documents/using-duo-with-ise-2-3-and-acs-5-x-for-2fa-cisco-network-admin/ta-p/3642171
0 Helpful
Customers Also Viewed These Support Documents