Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new blog
237
Views
0
Helpful
0
Comments

Multi-Factor Authentication with Cisco Duo Security

Gopinath_Pigili
VIP
VIP
‎11-19-2024 10:49 PM

                                                        Cisco Duo Security

Duo Security was a company acquired by Cisco that develops a very popular multifactor authentication solution that is used by many small, medium, and large organizations. Duo provides protection of on-premises and cloud-based applications. This is done by both preconfigured solutions and generic configurations via RADIUS, Security Assertion Markup Language (SAML), LDAP, and more.

Duo integrates with many different third-party applications, cloud services, and other solutions. Duo allows administrators to create policy rules around who can access applications and under what conditions. You can customize policies globally or per user group or application.

Duo Premier (formerly known as Duo Beyond) subscribers can benefit from additional management within their environment by configuring a Trusted Endpoints policy to check the posture of the device that is trying to connect to the network, application, or cloud resource.

Duo Access Gateway is another component of the Duo solution. The Duo Access Gateway provides multifactor authentication access to cloud applications. You can use your users’ existing directory credentials (such as accounts from Microsoft Active Directory or Google Apps). This is done by using the Security Assertion Markup Language (SAML) 2.0 authentication standard. SAML delegates authentication from a service provider to an identity provider. You can also use the Duo Access Gateway with Azure and Google directories or third-party IdPs hosted in the cloud.

Gopinath_Pigili_0-1732085070445.png              Gopinath_Pigili_1-1732085070795.png

 

In the above figure you can see you can see how Duo provides SAML connectors for enterprise cloud applications (Office 365, Google Apps, Amazon Web Services, and so on). The protected cloud applications redirect users to the Duo Access Gateway server that is typically deployed on-premises (that is, on your network). The Duo Access Gateway acts as a SAML identity provider (IdP).

Protecting Applications with Duo, An application binds Duo's two-factor authentication system to one or more of your services or platforms, such as a local network, CMS (content management system), email system, or hardware device. You can protect as many applications as you need, and administer each independently.

Log into the Duo Admin Panel. To add a new application click Applications in the left sidebar, then click Protect an Application. Alternatively, you can click the Add New... button in the top right of the Home page and then click Application.

Gopinath_Pigili_6-1732085233171.png

Gopinath_Pigili_7-1732085248652.png             Gopinath_Pigili_8-1732085274251.png

You can also use Duo to protect virtual private network (VPN) users in your organization. For instance, you can configure a Cisco ASA or Cisco Firepower Threat Defense (FTD) device to terminate connections from remote access VPN clients and integrate Duo to provide multifactor authentication. The following Figure shows  an example of multifactor authentication where a user (osantos) connects to a VPN device and is prompted to verify the VPN connection on his iPhone’s Duo mobile app.

Gopinath_Pigili_2-1732085070826.png

Duo Premier expands secure access past traditional perimeter-based network security with the power to grant access to any application, to any user, from any device including smart phones, while maintaining security hygiene. With Duo Premier, you can...Limit remote access to specific applications without exposing the network

Gopinath_Pigili_3-1732085071317.png

Universal Prompt: Duo's next-generation authentication experience, the Universal Prompt, provides a simplified and accessible Duo login experience for web-based applications, offering a redesigned visual interface with security and usability enhancements.

Gopinath_Pigili_4-1732085070853.png

Cisco Zero Trust:  The zero-trust concept assumes that no system or user will be ―trusted when requesting access to the corporate network, systems, and applications hosted on-premises or in the cloud. You must first verify their trustworthiness before granting access.

Duo sits in the heart of the Cisco Zero Trust security framework. This framework helps you prevent unauthorized access, contain security incidents, and reduce the risk of an adversary pivoting (performing lateral movement) through your network.

Editions & Pricing

Gopinath_Pigili_5-1732085070790.png

You can use Duo for free (30 day free trail) to provide multifactor authentication for up to 10 users. That is a good way to get started and get familiar with the Duo management console. For more details please go through the following link: https://signup.duo.com/

Duo Access Gateway for Windows documentation:

https://duo.com/docs/dag-windows

Duo Access Gateway for Linux documentation

https://duo.com/docs/dag-linux

 

Thank you very much..!!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Popular Articles
Customers Also Viewed These Support Documents