Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Angel_Ramirez
Participant

OTP alternatives to SMS in CheckPoint Appliances with 2FA

Hi CheckPoint guys,

Since it seems that sending SMS is a bad idea, since hackers can intercept received SMS messages, some customers are asking us for other two-factor methods.

Are there any future plans to integrate checkpoint gateways with OTP systems like Google Authenticator or similar?

I mean without having to setup an external RADIUS server that can be tuned to integrate with these tools.

Thank you all.

0 Kudos
5 Replies
Benedikt_Weissl
Advisor

Hey,

Dynamic ID should work with emails too. Access to the users mailbox can be secured via https and Microsoft ActiveSync.

You could also try to use time-based OTP, but all solutions I know would require a external radius server.

_Val_
Admin
Admin

Which product are you talking about?

0 Kudos
Angel_Ramirez
Participant

For example a CheckPoint 1570 Appliance. With R80.20.10, we already have the option to use Two-Factor Authentication via SMS (Locally Managed), and it works very well. But some customers always want to go one step further xD

0 Kudos
G_W_Albrecht
Legend
Legend

Then i would have posted the question in SMB Appliances and SMP instead 😉 Compared to the GAiA appliances there are many restrictions, and currently, SMS is the only 2FA for SMB.

 

_Val_
Admin
Admin

Thanks, the post is now moved to SMB 🙂

0 Kudos