Is Duo MFA a Reliable Choice for Our Team?

By
Amaresh Kulkarni
-
0
14
Asked By TechieTraveler92 On

I'm a junior sysadmin exploring ways to enhance our system security, specifically focusing on implementing multi-factor authentication (MFA) for Windows 11 logins and our Sonicwall Global VPN. I'm considering Duo as a potential solution but have a few questions:

1. Is Duo MFA a good option for our needs, and what would the estimated cost be for around 60 users?

2. How does Duo work for shared systems where multiple users access the same device?

3. If IT needs access to a system and the user isn't able to log in, is there a workaround or any admin tools available to help?

4. How smoothly can Duo integrate with Sonicwall Global VPN? We've had performance issues with Sonicwall Netextender before.

If Duo isn't the best choice, what alternatives should I consider? Thanks for any guidance!

5 Answers

Answered By NetworkGuru On

We're using the free Azure NPS for RADIUS on our Sonicwall Global VPN, and it works well! Duos can potentially slow things down, but leverage good setups and read through the available documentation to find alternatives. Duo does handle MFA for Windows sign-ins, but Windows Hello for Business might be better for a seamless experience.

Answered By SafetySamurai On

Duo is generally user-friendly and supports multiple third-party authorization options under one license, which is a big plus. It's definitely worth considering if you're looking for easier implementation across your systems.

Answered By CloudKing101 On

You might want to look into O365 Premium. It allows you to switch to a cloud-joined PC setup, which requires MFA at login. What I appreciate about Duo is that you can manually trigger the MFA request, making it easier to verify users during phone support.

Answered By AdminWhisperer On

For shared systems, you can link multiple devices to an account in Duo. After entering the password, you choose which device to send the push notification to, and that works perfectly.

Answered By SecuritySavant On

Duo does support MFA at Windows logins, but for a better user experience, consider Windows Hello for Business. It creates a more convenient sign-in process. If you're set on using Duo, you could try it along with Entra MFA for the VPN for a dual approach.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.