Security

Hi,

For one of our customer we are searching after a MFA solution.

We would like to build it with CPPM.

Does CPPM have the possibility to send authenticating VPN users a SMS with an access token? We also want to have an e-mail option as failback in case the user doesn't respond to SMS.

Kind regards,

Which MFA provider do you have? SMS is not an option.

We use SMSpasscode at the moment.

So above solution doesn't work on CPPM?

Kind regards,

SMS is not considered a secure second factor so we do not support it for non-visitor flows.

Ok, to get everything straight, the e-mail option is supported?

Kind regards,

No

Ok, so the whole setup isn't supported on CPPM?

Any proposals?

We cannot make recommendations for other products. Identity solutions should be selected based on security requirements.

For CPPM UI, any MFA solution that's part of an existing login flow via SAML is supported. For TACACS+, any MFA solution that has a RADIUS agent component is supported.

I think the customer should have the option to decide, SMS is considered very secure in many countries.