Different Integration MethodsRead Documentation
Duo Security and Palo Alto Networks® collaborate to prevent the use of stolen credentials by providing a policy-based multi-factor authentication framework natively in the next-generation firewall. This unique capability makes it easy to enforce multi-factor authentication from the firewall to stop adversaries from moving laterally in a network and accessing sensitive resources with stolen credentials or compromised endpoints. This partnership enables customers to implement a zero-trust security architecture by requiring two-factor authentication and device hygiene checks for local and VPN users. Visit https://www.paloaltonetworks.com/
Palo Alto GlobalProtect Gateway is integrated with Duo to verify users and check the security of their devices before granting them VPN access. Now, you can easily deploy strong authentication across your entire network without needing to update your applications and services. Duo integrates with Palo Alto Networks GlobalProtect Gateway through both SAML and RADIUS protocols.
Duo integrates with the Palo Alto Networks Captive Portal to verify the identity of users and the security of their devices, regardless of whether they are logging in locally or through a remote VPN connection, and whether they are accessing internal or cloud applications. Now, you can easily deploy strong authentication across your entire network without needing to update your applications and services. Duo integrates with the Palo Alto Networks Captive Portal through using SAML and the Duo AuthAPI.
Duo secures administrative logins (both local and Panorama) to Palo Alto Networks firewalls. Administrators are authenticated using Duo MFA and the security of their devices is verified before granting access to the admin interface. This integration is done using SAML.