- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
When implementing 2FA with SMS gateway and AD (in R80.10), is it possible to have some users with 2FA and others not? The purpose it to have superadmins which can remotely access when there are issues with the SMS gateway.
Or the segmentation must be between AD users and local users?
Also for the purpose of testing, how can we setup only a user with 2FA (without enabling 2FA for all users)?
You can still have users authenticate with AD and be defined locally.
In fact, you have to do that for "exceptions" (for example, some users needing MFA, the rest not, or vice versa).
I do this, but using Clearpass/Freeradius instead of AD directly.
It's merely a matter of response you send based on the user/pass request. Instead of ACCEPT, send a CHALLANGE when not super admin.
Br,
Thomas
Hi Rui,
Did you find a way to get your test running, with only test users doing 2FA and not everyone?
Looking to do this myself.
Thank you
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY