An overview of Cisco DUO

On October 1, 2018, Cisco announced the completion of its acquisition of Duo Security, a privately-held, unified access security and multi-factor authentication company headquartered in Ann Arbor.

What is DUO?

Cisco Duo allows secure connections to applications (on premises or in the cloud). Using multi-factor authentication (MFA) and contextual user access policies, organizations can verify an employee’s identity to ensure they are who they say they are and add more checks on the trustworthiness of devices through security health inspections. With MFA a person’s username and password are not enough to assume an individual’s identity, and the risk of a hacker getting access to critical data is significantly reduced.

Note: Multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is).

What can you do?

  • Confirm user identities in a snap.
  • Monitor the health of managed and unmanaged devices.
  • Set adaptive security policies tailored for your business.
  • Secure remote access without a device agent.
  • Provide security-backed, user-friendly SSO.

Note: Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems. The benefits are:

  • Mitigate risk for access to 3rd-party sites (user passwords not stored or managed externally)
  • Reduce password fatigue from different username and password combinations
  • Reduce time spent re-entering passwords for the same identity
  • Reduce IT costs due to lower number of IT help desk calls about passwords

Duo integrations

Securing your Remote Access: Duo integrates with most VPN providers, adding strong user authentication as well as device health checks. This integrated solution gives security admins the ability to enforce consistent user- and device-based access policy for VPN access, reducing the risk of breaches.

Securing your DNS: Cisco Umbrella is a cloud security platform that provides security at the DNS level of a network. Umbrella identifies malicious domains and IPs, as well as anomalies, and predicts emerging threats. Umbrella provides a first line of defence against threats, so protecting logins to Umbrella is critical to maintaining the integrity of the security infrastructure. Duo is integrated with Umbrella to provide strong user authentication and device security hygiene checks, ensuring access to Umbrella is not compromised.

Securing your Cloud Apps: Duo’s integration with Cisco WebEx offers a number of ways to add two-factor authentication and flexible security policies to WebEx SSO logins. Duo Security layers strong authentication and a flexible policy engine on top of WebEx logins using the Security Assertion Markup Language (SAML) 2.0 authentication standard. Duo is able to authenticate your users using existing on-premises or cloud-based directory credentials and requires two-factor authentication before permitting access to WebEx.

Network flow

RADIUS network diagram (MFA):

  1. Primary authentication initiated to application or service
  2. Application or service sends authentication request to Duo Security’s authentication proxy
  3. Primary authentication using Active Directory or RADIUS
  4. Duo authentication proxy connection established to Duo Security over TCP port 443
  5. Secondary authentication via Duo Security’s service
  6. Duo authentication proxy receives authentication response
  7. Application or service access granted
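The seven steps above, modelled as an added example (not Duo's code and not part of the original page): a toy proxy showing that the second factor is only attempted after primary authentication succeeds, and that an unreachable cloud service has to map to an explicit allow-or-deny policy. `AuthProxy`, `cloud_up`, `fail_open` and the sample directory are hypothetical names and constructed data.

```python
import hmac
from dataclasses import dataclass, field

# Constructed sample data. A real proxy forwards the credential to AD/RADIUS
# (step 3) instead of holding passwords; this dict only stands in for that bind.
DIRECTORY = {"alice": "correct horse"}
ENROLLED = {"alice": "approve"}      # what the user's second factor answers


class DuoUnreachable(Exception):
    """The proxy could not reach the cloud service over TCP 443 (step 4)."""


@dataclass
class AuthProxy:
    cloud_up: bool = True
    fail_open: bool = False          # hypothetical policy knob for outages
    trace: list = field(default_factory=list)

    def primary(self, user, password):
        # Step 3: primary authentication against the directory.
        self.trace.append("primary")
        stored = DIRECTORY.get(user)
        if stored is None:
            return False
        return hmac.compare_digest(stored.encode(), password.encode())

    def secondary(self, user):
        # Steps 4-6: outbound call to the cloud service, then its response.
        self.trace.append("secondary")
        if not self.cloud_up:
            raise DuoUnreachable(user)
        return ENROLLED.get(user) == "approve"

    def handle_request(self, user, password):
        # Step 2: the application hands the login to the proxy.
        self.trace.clear()
        if not self.primary(user, password):
            return "reject"          # second factor is never prompted
        try:
            ok = self.secondary(user)
        except DuoUnreachable:
            ok = self.fail_open      # outage outcome is a policy decision
        return "accept" if ok else "reject"   # step 7


if __name__ == "__main__":
    proxy = AuthProxy()
    print(proxy.handle_request("alice", "correct horse"), proxy.trace)
    print(proxy.handle_request("alice", "wrong"), proxy.trace)
```

With `fail_open=False` an outage of the cloud service locks users out; with `fail_open=True` the same outage reduces every login to a single factor, so the setting is worth choosing deliberately and monitoring.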

Single sign-on (SSO):

Duo Access Gateway secures access to cloud applications with your users’ existing directory credentials (like Microsoft Active Directory or Google G Suite accounts) using the Security Assertion Markup Language (SAML) 2.0 authentication standard. SAML delegates authentication from a service provider to an identity provider, and is used for single sign-on (SSO) solutions.


Price

Duo’s service is free for personal use (up to 10 users); additional options are available for business and enterprise users.
