Security

Reply
Contributor I

Two-Factor Auth with CPPM

Hello,

 

We use CPPM for both RADIUS (wireless & application), TACACS (infrastructure) authentication. Today we use CPPM to tie the authentication back to multiple AD forests across our global organization.

 

Our security manager asked me today, "does CPPM support two-factor auth". His example of two-factor was "a user with credentials as well as a token based phoebe, using both to access a particular system'.

 

I have not seen any info in the docs or on the board about two-factor except referencing some guest access feature. These type of transactions would be using CPPM, not the guest services.

 

Thanks for the info...

Aruba

Re: Two-Factor Auth with CPPM

CPPM supports integration with two-factor authentication solutions; for example RSA Authentication Manager.   It basically uses RSA as an authentication source for use in Services and Policy.     However, it may not give you what your manager mentioned  "a user with credentials as well as a token based phoebe, using both to access a particular system'.   

 

Although you can use it as an authentication source, it is really up to the application, system, or supplicant to dictate the authentication requirements.  In other words, you cannot configure your wireless supplicant to ask for both username/password and username/tokencode combinations to access an 802.1X network.   Some products (for example Juniper SA SSL VPN) have configurations to support multiple authentication/authorization sources.

 

So to answer your question, yes CPPM can integrate with two-factor solutions, however depending on the authenticating application type, it may not deliver what your security manager quoted.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Occasional Contributor II

Re: Two-Factor Auth with CPPM

What is the best way to setup 2FA on CPPM on 802.1X wireless services

Guru Elite

Re: Two-Factor Auth with CPPM

Please start a new thread. This one is 4 years old...


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: