0% found this document useful (0 votes)

53 views6 pages

DuoFactSheet PDF

Cisco Duo's Continuous Identity Security solution enhances identity protection and user productivity by providing multi-factor authentication (MFA), passwordless access, and trusted endpoint management. It leverages AI for threat detection and offers various editions (Essentials, Advantage, Premier) to cater to different organizational needs. The solution integrates with existing infrastructure to ensure secure access while minimizing authentication interruptions.

Uploaded by

willmorekanan

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

53 views6 pages

DuoFactSheet PDF

Uploaded by

willmorekanan

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 6

Continuous Identity Security

by Cisco Duo
Stop identity-based threats and boost workforce productivity.
Duo’s Continuous Identity Security solution adds a • MFA with Verified Duo Push: combat MFA fatigue
powerful security layer for any identity infrastructure and attacks and use FIDO2 authenticators such as
provides the best-in-class access experience across all security keys and platform biometrics for phishing-
users, devices, and applications. IT and security teams resistant MFA.
benefit from reducing coverage gaps in heterogeneous
environments and swift responses to detected threats. • Duo Single Sign-On (SSO) with Duo Central: enable
End users benefit from fewer authentication interruptions a consistent user login work low across all
for an enhanced productivity experience in trusted applications and easy application access.
scenarios.
• Passwordless Authentication: enable secure,
seamless access to applications with Duo Mobile,
Powered by Cisco Identity Intelligence, Duo provides FIDO2 security keys and device biometrics.
deep, cross-platform identity visibility and uses AI to
assess and dynamically respond to identity-related • Trusted Endpoints: block access from unknown
threats before, during, and after login. Detect session devices and only allow trusted devices to gain access
hijacking, inactive account probing, MFA flood, and other to resources.
sophisticated identity threats using AI-based detection
logic. And automate response by incorporating identity • Integrate with Cisco Secure Endpoint: prevent
risk and context into Duo’s dynamic risk-based infected devices from accessing resources.
authentication policies.
• Access Policies: assign and enforce authentication
globally or per user group.
Duo Editions • Authorized Networks: apply policy to enable access
From setting up MFA for just a few users to securing only from authorized networks.
your entire workforce Duo provides organizations with
• Visibility: view dashboard of all devices accessing
simple and effective tools to secure their workforce
applications with device insight.
identity perimeter.

Duo Essentials
Get everything needed to secure your identity perimeter
and boost user productivity. Duo Essentials is a strong
identity security solution that includes:
Duo Advantage Duo Premier
Upgrade to Continuous Identity Security with Duo Expand protection and effortless access to cloud and
Advantage. Get cross-platform identity visibility and on-premises resources and private applications.
threat response capabilities, and a seamless access
experience that is dynamically informed by risk – before, Duo Premier is a complete identity security and access
during, and after login. management solution that addresses user and device
risk for every application and expands protection and
Duo Advantage provides complete visibility of identity ease of access to on-premises and private resources.
security posture (ISPM), device security posture, AI-
based identity threat detection and response (ITDR), Includes everything in Duo Essentials and
dynamic risk-based authentication and a seamless login Advantage, plus:
experience that minimizes repeated authentications.
• Duo Network Gateway: provide end-users with
Includes everything in Duo Essentials, plus: VPN-less remote access to private applications
hosted on-premises or in multi-cloud environments
• Cisco Identity Intelligence: Identify, detect, protect, while enforcing zero trust security principles. Enable
and respond to identity-based threats by gaining secure, seamless SSO access to internal web
multi-vendor visibility across identity sources and applications (HTTPS) and servers via SSH, RDP and
incorporate identity context into Duo’s risk-based SMB.
authentication policies.
• Endpoint Protection Check: Limit device access to
• Duo Passport: authenticate once on a trusted applications based on presence of endpoint
device and get uninterrupted access to permitted protection product (CrowdStrike, SentinelOne, Cisco
applications across browsers and thick clients, Secure Endpoint, etc.).
minimizing repeated authentication requests.

• Risk-Based Authentication: adjust authentication

requirements in real time based on risk signals.

• Device Health: perform checks for updated

operating systems, browsers, and compliance with
security policies.

• Adaptive Access Policies: enforce adaptive access

policies per application based on user’s location,
device health or network.

• Duo Trust Monitor: machine learning that detects

potential attacks in progress, and surfaces
suspicious events.

• Visibility and Reporting: full-featured dashboards

and custom reports for compliance audits and ease
of administrative management, with deeper visibility
into devices.
User Authentication Duo Essentials Duo Advantage Duo Premier
Ensure users are who they say they are

MFA

MFA with security keys, FIDO2, OTP, phone callback1,

SMS and hardware tokens

Multi-Factor Authentication with Duo Push for iOS and Android

Unlimited application integrations

User self-enrollment & self-management

Telephony credits: 100 credits/user/year

Push Phishing Protection

Customizable number-matching with Verified Duo Push MFA

Enforce utilization of phishing-resistant factors

Immediate alert of suspicious logins

Passwordless

Passwordless Authentication to SSO Applications (Duo SSO,

third-party SSO)

Duo Mobile as Passwordless authenticator

Identity Posture and Threat Detection

Gain visibility across identity sources into MFA usage, admin

controls, inactive or dormant accounts, excessive permission,
and more (Cisco Identity Intelligence)

AI-based detection for identity-based threats such as session

hijacking, MFA flood, and more (Cisco Identity Intelligence)

Surface anomalous and risky logins with Machine Learning for

detection of potential attacks in progress (Trust Monitor)

Detect new registration of authentication devices

Duo Passport

Reduce the number of times users need to authenticate

without compromising security
Device Trust
Ensure only known and healthy devices can Duo Essentials Duo Advantage Duo Premier
access resources

Trusted Endpoints

Allow only managed and registered devices to

access applications

Enforce trust on BYOD and 3rd party devices through

device registration

Limit device access to applications based on enrollment in

endpoint management systems such as LANDesk, JAMF,
Microsoft Intune

Limit mobile access to applications based on enrollment in mobile

device management systems such as AirWatch, MobileIron,
Microsoft Intune, Meraki Systems Manager

Integrates with Cisco Secure Endpoint to block

compromised devices

Device Health

Enforce device trust policies based on security health of laptops and

desktops (out-of-date software, encryption, firewall, etc.)

Enforce device trust policies based on security health of mobile

devices (encryption, tampered, screen lock, biometrics)

Notify users when and how to self-remediate their devices without

helpdesk intervention

Limit device access to applications based on presence of endpoint

protection product (Crowdstrike, SentinelOne, Cisco Secure
Endpoint, etc.)

Visibility

Dashboard of all devices accessing applications (Device Insight)

Visibility into security health of mobile, laptops and desktops

– checks such as updated operating systems, browsers and
compliance with security policies (Duo Device Health)

Full-featured dashboards, authentication logs, and custom reports

for compliance audits and ease of administrative management
Authentication and Access Policies
Increase security and visibility by enforcing adaptive Duo Essentials Duo Advantage Duo Premier
access policies and dynamic risk-based policies

Risk-Based Authentication

Dynamically adjust authentication requirements in real time

based on risk signals

Uses an array of accurate signals, such as Wi-Fi fingerprinting,

to determine risk level and enforce risk-based policies while
preserving user privacy

Enable longer sessions and only require re-authentication

when risk signals change

Adaptive Access Policies

Assign and enforce authentication globally or per user group

Enforce policies based on authorized networks

Assign and enforce security policies per application

Block authentication attempts from anonymous networks like Tor,

proxies, and VPNs

Enforce policies based on device health status

Enable Access - Single Sign-On
(SSO) and Remote Access
Make it easy and safe for users to access what they Duo Essentials Duo Advantage Duo Premier
need and stay productive