Cisco Duo Device Health: Enhanced Protection for User Authentication
Multi-factor authentication is part of everyday life when attempting to access important information. We're all used to receiving an email or SMS message with an authentication code. But traditional multi-factor authentication doesn't consider device health. Should critical resources still be accessible if the end device is missing important software updates? What if someone has turned off their firewall? Should they still be allowed access to the network?
Cisco Duo makes multi-factor authentication "smart." Even with the correct code, Cisco Duo will deny the authentication attempt if the device has a compromised security posture. Cisco Duo Device Health is a small application for Microsoft Windows and MacOS that checks operating systems, firewall settings, file system encryption, and more. This application can be installed when a person enrolls in Cisco Duo for authentication. Policies can be configured to enforce the use of the Cisco Duo Device Health application so it cannot be ignored. The application can also verify that the endpoint has its antivirus and anti-malware solution enabled. It can identify the following endpoint security solutions:
BitDefender Endpoint Security
Cisco Secure Endpoint
Crowdstrike Falcon Server
CylancePROTECT
Mcafee Endpoint Security
SentinelOne
Sophos AV
Symantec Endpoint Protection
Trend Micro Apex One
VMware Carbon Black Cloud
Cisco Duo's flexible policies allow you to customize the security posture for the endpoint. For example, a policy could be applied to enforce the following settings:
The endpoint has an encrypted drive (FileVault or Bitlocker).
The endpoint has the firewall enabled.
The endpoint is password-protected.
The endpoint is using an up-to-date browser.
Unless the endpoint meets the policy, it won't be allowed to complete the authentication process. Users can see what has failed on the security policy, as well as suggestions for resolving the issue. For administrators, Cisco Duo Device Health offers reports that show what devices are meeting or failing the policy requirements.
The enhanced protection offered by Cisco Duo Device Health is a simple way to provide protected authentication requests for critical resources. If you'd like to see it in action, you can contact us for a demo.
This post was contributed by Jeff Senger, our Consulting Systems Engineer. Jeff has worked in the technology industry for over 25 years. He has multiple Cisco certifications, including CCNP Security, CCNP Collaboration, and WebEx Contact Center Expert.