Skip navigation

Adaptive Authentication & Policy Enforcement

Set policies to grant or block access attempts by identity or device and based on contextual factors such as user location, network address ranges, biometrics, device security and more.

Enforce Role-Based Access Policies

Determine who can access which applications based on an individual or group, or their specific roles and responsibilities, with Duo’s trusted access solution. Set customized policies based on authentication method on a per-user or per-group basis.

Restrict Access Based on Geolocation

See where users are authenticating from and prevent unauthorized access from any geographic location. Block access from the Russian Federation, North Korea or any other country, for that matter, to thwart access attempts from from any geolocation.

Establish Specific Device Health Requirements

Duo's Device Health application assesses the security posture of users' devices on every authentication attempt, check for disk encryption, anti-malware status, device firewall status, device password status, and more. When a device doesn't meet your security standards, Duo can block access to any protected application, ensuring mission-critical data is always protected.

Grant or Block Access by Network

Control Access Based on Network

Enforce controls based on the network from which a user is trying to access applications. Duo allows you to grant or deny access based on a set of IP address ranges that you determine.

Block Tor and Anonymous Networks

Block authentication attempts from anonymous networks like Tor. Duo’s trusted access aggregates data about users’ authentication devices and gives you insight into what kind of network they’re authenticating from.

Device Controls

Set Fine-Grained Device Access Policies

With Duo's user-friendly administrator dashboard and Device Health application, you can set granular standards for device trust. Easily identify risky devices and enforce security policies based on operating system, browser and plugins, screenlock and biometrics settings, status of device security measures (like firewalls and anti-malware protection), and more.

Secure Devices Without an MDM

Identify all devices that access your environment, tag them to specific users and understand who owns a device, how many they’re using and what applications they access. Get a comprehensive view and insights of all end-user devices without an MDM.

Ensure Healthy, Updated Devices

Notify your users to update their own devices at login with Duo’s Self-Remediation. Or, use Duo’s Endpoint Remediation to automatically block device access to enterprise applications based on outdated software versions.

"[Rolling out Duo] allowed me to own security. All of the insight it gives you, all of the control, how granular the access policies are. It really makes you the owner of security, regardless of what role you’re in.”

— Allen Jeter, Head of IT, Branch