Рет қаралды 246
This concept demonstrates a scenario of a Highly Secured Remote-Access VPN with characteristics outlined below:
1. Several protection mechanisms against end user device replacement or substitution (Device is tied to a User account);
· Validation of a connecting PC fingerprint mapping to an authenticating user allowed PC fingerprint in authentication database;
· Validate allowed PC fingerprint for a user using DUO MFA, utilizing AnyConnect UDID as a login name;
2. Multifactor Authentication:
· User certificate with fields check and MFA based on one of the fields;
· Login (Non-modifiable, inherited from certificate) and password;
3. Posture Assessment of a connecting host.