This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Angel_Ramirez
Participant
‎2020-12-15 04:11 AM

OTP alternatives to SMS in CheckPoint Appliances with 2FA

Hi CheckPoint guys,

Since it seems that sending SMS is a bad idea, since hackers can intercept received SMS messages, some customers are asking us for other two-factor methods.

Are there any future plans to integrate checkpoint gateways with OTP systems like Google Authenticator or similar?

I mean without having to setup an external RADIUS server that can be tuned to integrate with these tools.

Thank you all.

0 Kudos
6 Replies
Benedikt_Weissl
Advisor
‎2020-12-15 04:45 AM

Hey,

Dynamic ID should work with emails too. Access to the users mailbox can be secured via https and Microsoft ActiveSync.

You could also try to use time-based OTP, but all solutions I know would require a external radius server.

_Val_
Admin
Admin
‎2020-12-15 04:48 AM

Which product are you talking about?

0 Kudos
Angel_Ramirez
Participant
‎2020-12-15 05:08 AM
In response to _Val_

For example a CheckPoint 1570 Appliance. With R80.20.10, we already have the option to use Two-Factor Authentication via SMS (Locally Managed), and it works very well. But some customers always want to go one step further xD

0 Kudos
Jorge_Figueroa
Explorer
‎2021-09-09 04:40 PM
In response to Angel_Ramirez

Hello Mr. Ramirez,

I am trying to implement Two-Factor Authentication via SMS on my 1590 appliance(Locally managed). I got my API ID and everything but I am having the hardest time making work and Check Point tech support is having an even more difficult time.  Would you be so kind to tell me who is your SMS provider and the DynamicID URL that was used?

Thanks in advance!

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2020-12-15 08:01 AM

Then i would have posted the question in SMB Appliances and SMP instead 😉 Compared to the GAiA appliances there are many restrictions, and currently, SMS is the only 2FA for SMB.

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
_Val_
Admin
Admin
‎2020-12-15 08:11 AM
In response to G_W_Albrecht

Thanks, the post is now moved to SMB 🙂

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top