08-14-2018 06:14 AM
Do you have to have an on-prem server to run the DAG, in order to provide controls over office etc. Cannot it not be configured cloud to cloud , like a cloud security broker?
08-14-2018 06:42 AM
Hi @simon.moore!
You are correct. Today, the Duo Access Gateway must be configured on a physical or virtual host. While you could deploy the virtual host in cloud infrastructure like AWS or Azure, we don’t offer a 100% cloud-hosted SAML solution today.
08-14-2018 06:46 AM
shame -
is it in the road map?
As a start-up , we don’t want any on-prem hardware, or a large IT team to manage it. The appeal of duo was as a one stop show, simple to set up, with scalable user charges. Having to set up a server to protect my cloud apps such as office , sort of misses the point.
S
08-14-2018 07:08 AM
If you’re using Office 365 and have an Azure AD P1 subscription behind that, you can use our [custom MFA control for Azure AD to protect Office 365 logins without a server deployment. If you use Azure AD as the authentication directory for other application you can apply the Duo CA control to those as well.
We also partner with other cloud identity providers to provide MFA, like Okta and OneLogin.
Do you have an account manager or customer success manager? They are able to have roadmap discussions with you. If you aren’t a Duo customer yet, you can sign up for free at https://signup.duo.com.
08-20-2018 01:35 AM
How does this compare with Akami, on the face of it seems similar, but they are fully cloud based.
08-20-2018 05:58 AM
If you’re taking about Akamai Enterprise Application Access (EAA), you can use Duo MFA with that too. Here are those instructions: Akamai EAA | Duo Security
08-20-2018 06:34 AM
ok , got that. But given Akami also do MFA, why would i not just all with them?
08-20-2018 06:35 AM
are you saying i can use their service rather than your gateway - so avoid ing the need for an on-prem server?
08-20-2018 06:44 AM
you can message me directly if you like
08-21-2018 07:41 AM
Duo offers many options for adding MFA to Office.
On-premises solutions (which could also be run on a cloud-hosted VM like in AWS or Azure):
Cloud solutions by Duo:
Cloud solutions from Duo partners:
I can think of some reasons someone might not want to use the MFA offered in EAA (IIRC it’s SMS and email based, neither of which are as secure as an out of band push notification), but I’m not a sales person! As I mentioned, a Duo account manager could have roadmap discussions with you, or share specific reasons why customers have chosen Duo’s MFA over the MFA options offered by cloud IdP vendors (beyond reasons like ease of use, other applications and services supported, flexibility in authentication methods, access policies, etc.). Sign up for free at https://signup.duo.com to start that conversation.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide