cisco duo

What is ZERO TRUST: 

Zero trust is often described by the mantra of “Never trust, Always verify” i.e Nothing can be trusted without proper verification.  

a) Is a product or service.

b) It sets a logical access boundary based on identity and context. 

c) Around a certain application or collection of applications.

DUO is a ZERO TRUST Solution it helps organizations : To Protect Access to 

• Critical Applications, 

• Data, 

• Systems.

By Offering 

• Phishing resistant authentication with Passwordless Authentication and Multi-factor Authentication (MFA), 

• Single Sign-On (SSO), 

• Adaptive Access Policies, 

• Device Trust,

• VPN-less Remote Access. 

Available in Three Editions : 

a) Duo Essentials, 

• Multi-Factor Authentication (MFA) - Protects against stolen credentials and account take-over. 

• Phishing-Resistant Authentication - Prevents attackers from bypassing MFA (includes verified Duo push and support for FIDO2 authenticators). 

• Single Sign-On (SSO) - Allows users to log in only once to access multiple applications. 

• Passwordless Login - Enables secure login without a password, using Duo Mobile or FIDO2 authenticators. 

• Trusted Endpoints - Checks that the device is registered or managed before allowing access. 

• Phone Support - Provides phone support availability based on the edition. 

b) Duo Advantage, 

• Cisco Identity Intelligence - Detects and protects against identity-based threats using multi-vendor visibility across identity sources. 

• Duo Passport - Minimizes authentication fatigue while improving productivity. 

• Device Health Check - Confirms device security posture before granting access and provides visibility into security health. 

• Risk-Based Authentication - Dynamically adjusts authentication requirements in real-time based on risk signals. 

• Threat Detection - Detects potential attack attempts using Machine Learning with Duo Trust Monitor

c) Duo Premier

• VPN-less Remote Access: Provides end-users with remote access to private applications, hosted on-premises or in multi-cloud environments, enforcing zero trust security principles.

• Endpoint Protection Check: Limits device access to applications based on the presence of endpoint protection products (e.g., CrowdStrike, SentinelOne, Cisco Secure Endpoint).