Credential theft continues to plague organizations. Once attackers infiltrate a network, they can blend in with legitimate users, move laterally, and steal or destroy assets without raising any alarms. Multi-factor authentication (MFA) helps prevent credential abuse, but deployment obstacles—such as integration
with custom and legacy applications—may prevent organizations from implementing it broadly across all their sensitive resources.
RSA SecurID Access can enforce MFA at the network layer to cover all resources including legacy and custom applications. With this integration, organizations using Palo Alto Networks’ next-generation firewalls can:
- Quickly provision multi-factor authentication without needing to manually update applications and infrastructure.
- Provide federated single sign-on and strong authentication for remote users with Palo Alto Networks Global Protect and Global Protect Clientless VPN.
- Provide secure and convenient access with modern MFA.
- Leverage machine learning-based risk assessments for identity assurance across all resources.
- Support compliance requirements for PCI DSS and HIPPA.
Make access decisions smarter. RSA provides identity assurance: It confirms users are who they say they are by considering the sensitivity of the applications they’re trying to access and the level of risk associated with their access attempts and behaviors. In this manner, users can seamlessly access the applications they need and are only challenged when the level or risk requires it.
In addition to securing your legacy and custom apps, RSA SecurID Access can support your cloud, SaaS and on-premises resources, including your VPN. With RSA SecurID Access, the most widely used authentication solution on the planet, there’s no need to deploy any other authentication platform: RSA SecurID Access is built to support all of your users and all of your use cases.
RSA SecurID Access has several ways to integrate with Palo Alto Networks’ next-generation firewalls:\
- Captive Portal integration options REST API, RADIUS, and SAML
- GlobalProtect: RADIUS & SAML