![]() ![]() I realize this breaks the whole “something you have and something you know” as the application sits on the PC that is VPN’ing in. With this, they can provide the ever-changing security code and gain access to their environment. Now when the user needs to VPN in they can run the same Authenticator which runs on an Android Phone on their PC. I then enabled a PIN on open for the application for some added security. This emulator acts just like a typical Android device, and since it allows me to install applications from the Android Marketplace I could also install Microsoft’s Authenticator Application. To do this I installed a device emulator for Android on my PC. Leveraging Microsoft’s Authenticator App on the PC itself. Namely, how to manage global distribution and management of these new physical assets moving around the globe.Ī potential solution came up which is a little outside of the box, but has some promise. The problem was if they went down this path they would have a whole new set of problems to think about. ![]() However, Microsoft has tested a few of these such as Gemalto IDProve, Deepnet Security Safeld and Safenet OATH tokens which are the ones I would suggest you start out with. Since the service is based on standards any OATHO token using TOTP (time-based one-time passwords) would work. This would then mean they would have to fall back to issuing physical “hard token” device. The challenge with this client is they needed to support the use case of having users in different parts of the world who cannot be guaranteed of having access to a phone. The service is pretty robust and most clients would choose to use their phone to receive the phone call, text message or even run the Authenticator App from Microsoft (Android, iPhone, and Windows Stores) in order to provide that second factor in the authentication process. This design involves setting up an MFAS server onsite and then integrating it via RADIUS to be part of the Authentication chain. Setting up Microsoft Azure’s multi-factor authentication service This service can do a great number of things, but in particular, they wanted to be able to integrate into MFA with their Cisco ASA VPN solution in order to help with PCI compliance. I was working with a client recently who wanted to take advantage of Microsoft Azure’s Multi-Factor Authentication (MFA) service. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |