Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Multi-factor authentication
#1
Question 
Does the current version of ASG provide the ability to use MFA when connecting to a device, and if not is there a plan to implement this going forward.
Reply
#2
Perhaps you can tell me more details of what you expect? We support MFA to sync data between password managers and ASGRD - for connecting to remote machines nobody missed MFA?!? I know RDP supports MFA by RDG - but I think this is handled by RDP protocol itself?!?
Regards/Gruss
Oliver
Reply
#3
(15-04-2020, 01:55 PM)DevOma Wrote: Perhaps you can tell me more details of what you expect? We support MFA to sync data between password managers and ASGRD - for connecting to remote machines nobody missed MFA?!? I know RDP supports MFA by RDG - but I think this is handled by RDP protocol itself?!?


Hi i'm also interested in MFA for accessing ASGRD. 

We have a lot of credentials and server information in this application that we would like to protect as much as possible.
We would like our users to authenticate with AD username/password or passthrough and confirm login with some sort of MFA (SAML 2.0 if possible)

In our organisation we have several MFA solutions but we prefer SAML 2.0 with smartcards that would be super.

/M
Reply
#4
Ok I will add to the feature list - MFA for Login into an ASGRD environment
Regards/Gruss
Oliver
Reply
#5
(10-06-2020, 10:01 AM)DevOma Wrote: Ok I will add to the feature list - MFA for Login into an ASGRD environment

Thanx!
Reply
#6
Hello,

are there news if this feature ist allready available?

Thanks Dirk
Reply
#7
No currently not available
Regards/Gruss
Oliver
Reply
#8
is there any alternate option available to enforce 2FA while signin to ASG app? it's really important to secure privileged accounts which are stored inside ASG
Reply
#9
2FA is already available
Regards/Gruss
Oliver
Reply
#10
How to configure it? do we have article?
Reply
#11
First activate in Settings=>2FA - then you need to enable it for users in Tools=>User Accounts - it is also described in help file
Regards/Gruss
Oliver
Reply
#12
Great to see that this has been implemented, thank you for listening to your customers/users and putting this in place.
Reply
#13
I have now tested the MFA with google authenticator for a while and it works like a charm. Awsome job!

is a SAML 2 version planned?
we use smartcards in a IDP solution and it would be awsome if it was possible to use that in ASG
Reply
#14
Currently not planned - but we are always interested in any customer needs :-) So I will add it to the feature list...
Regards/Gruss
Oliver
Reply
#15
Also interested to use Smartcard Login to ASGRD as MFA, would second that feature :-)
Reply
#16
openidconnect or oath would be acceptable aswell. we dont use those yet but our system support those protocolls..
Reply
#17
Being able to use/cache the Smartcard within ASGRD that is used for login, to be able to also use it to authenticate against CyberArk PSM (which requires the same Smartcard to authenticate) would also be benefical :-)
Reply
#18
(29-04-2022, 01:04 PM)Vahr001 Wrote: Being able to use/cache the Smartcard within ASGRD that is used for login, to be able to also use it to authenticate against CyberArk PSM (which requires the same Smartcard to authenticate) would also be benefical :-)

CyberArk Identity supports OAuth 2.0
Reply
#19
(29-04-2022, 01:54 PM)martinrjl Wrote:
(29-04-2022, 01:04 PM)Vahr001 Wrote: Being able to use/cache the Smartcard within ASGRD that is used for login, to be able to also use it to authenticate against CyberArk PSM (which requires the same Smartcard to authenticate) would also be benefical :-)

CyberArk Identity supports OAuth 2.0

The "problem" is CyberArk was introduced here using PKIPN (Smartcard Authentication) - security/management decision, don't ask questions :-) - and we are trying to adopt it as comfortable as possible for the end users with the given circumstances ;-)
Reply
#20
Hi. Any news on OAuth or SAML authentication in ASG-RD? We would welcome that feature, as we are using a 3rd party MFA provider with Azure AD, which is currently bypassed by direct authentication to the SQL Server.
Reply




Users browsing this thread: 1 Guest(s)