This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jonathan_Griffi
Participant
‎2020-04-22 10:06 AM
Jump to solution

Endpoint Security VPN - 2FA

Hi all,

Regarding Endpoint Security VPN client /blade...just wondering if anyone knows if there is a plan in the road map to use machine based certs with Radius as a 2FA pairing? It would be a great way of validating machine and user during the authentication process. I've read R80.40 is introducing machine based cert authentication, but based on current features; certificates with 2FA for Endpoint Security VPN is pretty limited as in no 2FA supported at all: sk86240

Essentially, I would love the ability to be able to validate the machine and user during the authentication phase.

From a machine compliance point of view SCV and compliance blade checks seem like they have the ability to check certain elements like reg keys etc, but ( from my limited understanding) is this only covers managed devices. Happy to be educated on this point if this isn't the case 🙂

Thanks,

Jon

 

 
0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2020-04-24 02:14 PM
In response to PhoneBoy
Jump to solution

It seems that Machine Cert + RADIUS should be a supported combination in R80.40.

View solution in original post

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2020-04-24 12:47 PM
Jump to solution

Endpoint Compliance is more geared for managed devices, given that it's more tied in with the larger Endpoint solutions we offer.
However, I'm not aware of a reason you can't use it for unmanaged devices as well, aside from the fact you need a full Endpoint client for each client it's installed on.

SCV was created before we had a full Endpoint solution and will work on unmanaged devices.
It will also work with Mobile Access licenses, which are "per concurrent user."

As for the roadmap question, I'll have to ask folks in R&D to comment on that.
0 Kudos
PhoneBoy
Admin
Admin
‎2020-04-24 02:14 PM
In response to PhoneBoy
Jump to solution

It seems that Machine Cert + RADIUS should be a supported combination in R80.40.
0 Kudos
Jonathan_Griffi
Participant
‎2020-05-01 03:43 PM
In response to PhoneBoy
Jump to solution

Thanks for the update....look forward to putting this combo into action. Nice one.

Cheers,

Jon
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top