Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Angel_Ramirez
Participant

OTP alternatives to SMS in CheckPoint Appliances with 2FA

Hi CheckPoint guys,

Since it seems that sending SMS is a bad idea, since hackers can intercept received SMS messages, some customers are asking us for other two-factor methods.

Are there any future plans to integrate checkpoint gateways with OTP systems like Google Authenticator or similar?

I mean without having to setup an external RADIUS server that can be tuned to integrate with these tools.

Thank you all.

0 Kudos
6 Replies
Benedikt_Weissl
Advisor

Hey,

Dynamic ID should work with emails too. Access to the users mailbox can be secured via https and Microsoft ActiveSync.

You could also try to use time-based OTP, but all solutions I know would require a external radius server.

_Val_
Admin
Admin

Which product are you talking about?

0 Kudos
Angel_Ramirez
Participant

For example a CheckPoint 1570 Appliance. With R80.20.10, we already have the option to use Two-Factor Authentication via SMS (Locally Managed), and it works very well. But some customers always want to go one step further xD

0 Kudos
Jorge_Figueroa
Explorer

Hello Mr. Ramirez,

I am trying to implement Two-Factor Authentication via SMS on my 1590 appliance(Locally managed). I got my API ID and everything but I am having the hardest time making work and Check Point tech support is having an even more difficult time.  Would you be so kind to tell me who is your SMS provider and the DynamicID URL that was used?

Thanks in advance!

0 Kudos
G_W_Albrecht
Legend
Legend

Then i would have posted the question in SMB Appliances and SMP instead 😉 Compared to the GAiA appliances there are many restrictions, and currently, SMS is the only 2FA for SMB.

 

CCSE CCTE CCSM SMB Specialist
_Val_
Admin
Admin

Thanks, the post is now moved to SMB 🙂

0 Kudos