Differences between DNG and DAG


I’m trying to protect a web application running in AWS that uses Microsoft SQL server logins. At present we are using Simple Active Directory to manage the AWS instances. The web application is not SAML compatible.

I’m trying to understand the differences between the Duo Network Gateway and the Duo Access Gateway for our situation. With the latter, DAG, does your application need to be SAML compatible? It seems that with the first one, Duo Network Gateway, you could have a two step login process and use it even for applications that don’t support SAML.

Thanks for your help.

in your case you will need for sure to use the DNG to add a layer of reverse proxy with DUO auth and the DAG if you do not have already a SAML. Also the DAG can be replace with a Duo Cloud SSO in Beta.

1 Like

Perfect, I now understand. Thanks!