Policy & Access Control

Hi,   I was wondering if someone can explain the Risk based profile acceptance (allowed) and timeframe; I'll explain, in doing Immpossible travel testing the first time I dit it was testing from a VPN through Norway after just logging in from Canada....

Morning All:I am deploying laptops with MFA to log into the laptop as a security protection.  I want to remove the current need to MFA into the Remote Server.  Primarily this causes frustration on the part of the end user.  I am unable to locate a se...

Hi All, Needs to configure trusted endpoint on windows/mac os user machine using guid. Can anyone know how to do it or share any relevant document

We have an old Cisco ASA (5508) which has Duo configured for AnyConnect VPN, but using local accounts ONLY for Admin/Management. We are moving to a new FirePower device (in ASA mode) and want to enable some sort of SSO or MFA for Administrators using...

We have multiple, disconnected networks where we have the DNG installed. We’ve been using the RDP functionality for a while in beta and want to expand it to other networks now that it’s in GA. But I don’t see a way to add another gateway to the Heal...

I made a change few months ago under operating systems for one of the policy and now the operating systems are no where to be found under any policy.

Hello,how can create a script for duo device health agent that would always have the checkmark selected for "Launch DUO device Health when I log in"We are receiving a lot of users that are not able to connect to cisco secure vpn client due to DUO hea...

Is it possible to restrict self-enrolment so that it can only be done in a trusted environment, eg on premise or from a trusted device?  If inline self-enrolment is enabled, and a user who has never bothered to enrol gets phished, the attacker can si...

Good day all. I am not sure if what I am trying to do can be done directly, but perhaps someone can chime in with how to do this directly, or some form of work around or variable process to accomplish this.We use Duo Essentials and run our VPN servic...

What is best practice for setting up local admin accounts with duo - without adding a bypass code, or adding all the techs cell as an authentication method? I don't want every tech to get a notification each time one tech logs into a local admin. I k...

Good Morning, My district is fairly new to DUO. We are rolling this out to the whole district, and we are encountering some trust assessment problems. How do I resolve these issues. Most times, I am standing in front of the user when this happens.Unr...