Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1202
Views
0
Helpful
1
Replies

RSA SecurID Soft Token vs DUO Security for AnyConnect 3.1?

webabc123
Level 1
Level 1

‎03-25-2015 10:07 AM - edited ‎02-21-2020 08:09 PM

We are looking at migrating away from hard tokens.

Which works best?  Do they both work with the most basic ASA licensing?

We have some users that may need to stay on hard tokens for various reasons such as not having a mobile phone at all or just not wanting to use their personal phone for this purpose.

Can both RSA hard tokens and RSA soft tokens be used simultaneously by different users?

Can both DUO Security and RSA hard tokens be used at the same time for different users?

Any major cost savings using one vs the other?

Labels:
0 Helpful
1 Reply 1

Gunnar Hermansen
Level 1
Level 1

‎03-27-2015 04:40 AM

Hi Webabc123,

 

I would recommend to use SMS PASSCODE with Cisco AnyConnect. SMS PASSCODE Works with traditional IPSEC VPN, the SSL VPN and Cisco AnyConnect. You can see an example here: http://player.vimeo.com/video/100710625

SMS PASSCODE can make traditional MFA and provide a session specific token, that cannot be used outside the session. Further more is SMS PASSCODE offering geo fencing.

SMS PASSCODE can deliver the token by ordinary sms, flash sms, app based text message, voice call back, yubico token, OATH hardware token, soft token like Google authenticator or Microsoft authenticator.

You can have a mixed environment with SMS PASSCODE and RSA tokens.

The administration of a policy driven system like SMS PASSCODE will provide a huge cost saving compared to administer a hardware token solution. 

 

 

0 Helpful
Customers Also Viewed These Support Documents