Skip navigation
Product & Engineering

Part 2: Announcing Duo’s MFA for Cisco’s Firepower Threat Defense (FTD)

This blog post is the second in a three-part series on how Duo integrates with Cisco technology. Read part one.

Duo’s integration with Cisco’s AnyConnect VPN is one of Duo’s most popular. Over 5,000 customers use Duo’s multi-factor authentication (MFA) with Cisco’s AnyConnect to provide VPN access to users. Up until now, customers were able to secure their AnyConnect VPN client running on Adaptive Security Appliance (ASA) products only.

Secure Access on Firepower Threat Defense (FTD)

Today, we are announcing beta availability of Duo's MFA for AnyConnect running on Cisco’s Firepower Threat Defense (FTD). You can learn more about Cisco FTD here.

With this integration, admins can now deploy Duo’s MFA to secure VPN access. Users have the flexibility to use one of several authentication options such as Duo Push, OTPs, Phone call, SMS or hardware tokens to authenticate with Duo. Most of our users utilize Duo Push, which is an easy and secure way to authenticate. With Push authentications, admins can get visibility into users' mobile devices and insights into the security posture of devices. If a mobile device does not meet the corporate security policy, such as device should have passcode lock enabled, it can be blocked from receiving Push notifications, prompting the user to take appropriate remediation action.

To enable this integration, customers need to upgrade to Firepower version 6.3 using Firepower Management Center (FMC) as the management software. Future software releases will include support for Firepower Device Manager (FDM), the on-box management software used to manage FTD.

This integration is available with Duo Free, Duo MFA, Duo Access and Duo Beyond editions.

If you want to set up this integration, you can use this integration document or get in touch with your account executives.