Cisco Duo

Solutions for every security goal

Multi-Factor Authentication (MFA)

What is Multi-Factor Authentication (MFA)? MFA is a security access management solution that verifies a user's identity at login with two or more verification factors. By providing a layer of protection to a user or company’s data, MFA helps to prevent malware, phishing, and ransomware attacks. With Cisco Duo, MFA is easier than ever to integrate, implement, and use.

Frustrate Attackers, Not Users

  • We're the easiest MFA solution for users and administrators. Duo Mobile and Verified Duo Push are just two examples of the convenient, user-friendly MFA methods that we support. All a user has to do is download the Duo Push application onto their smartphone and voila: they’re ready to authenticate!

Scale MFA as You Grow

  • Because Duo functions like a gateway for your existing and future IT infrastructure, it’s the perfect solution for growing businesses of any size. Set up new users and support new devices at any time, and protect new applications almost instantly — without impacting legacy technology.

Get Adaptive Authentication

  • Duo's adaptive authentication is an advanced type of MFA that lets you create custom access policies based on contextual factors like role, application, geographic location, network, and device health.

Build a Foundation for Passwordless

  • Duo Passwordless Authentication builds on MFA to verify user identity with login tools like biometrics, security keys, and the Duo Push mobile app. Users only have to verify once in a timeframe set by administrators, making it simpler than ever to log on securely.

Expand Your Coverage

  • Duo natively integrates to secure any application or platform, so whether you're adding two-factor authentication (2FA) to meet compliance goals or building a full zero trust framework, Duo is the perfect addition to your security portfolio with tools like:
  • Multi-cloud, hybrid, or on-premises environments
  • Software as a service (SaaS) tools, critical infrastructure, custom applications, even secure shell (SSH)
  • Secure remote access and VPN clients, bring your own device (BYOD), and even offline devices

Secure Remote Access

Secure remote access refers to security solutions that enable a workforce to safely access an organization's applications and resources from outside the corporate network. Leading secure remote access solutions adapt to any tech setup, confirm user identities with MFA, and evaluate each login with device trust—whether your workforce is onsite, remote, or hybrid. By providing simple, trusted access to remote workers, Cisco Duo delivers world-class protection that frustrates attackers, not users.

Secure VPN-Less Remote Access for Any Environment

  • Duo Network Gateway is a secure proxy for on-premise and cloud environments (Azure, AWS, GCP, etc.), ensuring access security across your organization.

Security Controls for Every Application

  • The Duo Network Gateway, our secure remote access VPN-less proxy, ensures authorized access to applications. Enjoy streamlined user login, permission control, and reliable application security with Duo.

Flexible Options

  • Duo provides flexible options to accommodate your remote access strategy. Deploy a modern remote access solution and add an extra layer of protection to an existing VPN like Cisco AnyConnect, Juniper, Citrix, F5, and more.

Device Trust

Identify risky devices, enforce contextual access policies, and report on device health using an agentless approach or by integrating with your device management tools.

Healthy Devices Reduce Security Risk

  • You can't protect what you can't see. Gaining visibility into devices is the first step in establishing device trust, and it’s an essential aspect of a strong zero trust strategy. Duo provides visibility into every single device on your network and enforces health checks at every single login attempt.

Complete Device Visibility

  • Verify device health before granting access, to prevent exposing your applications to potential risk. Duo provides detailed information about both corporate and unmanaged devices, so you can easily spot security risks like out-of-date or jailbroken devices.

Easy Reporting and Policy Management

  • Duo helps you spot potential risks so you can meet compliance and adjust your access parameters for any situation. With powerful reporting capabilities and an admin-friendly dashboard, Duo makes it easy to monitor your security policies and spot anomalous login activity.

Advanced Security for BYOD

  • Secure access to the applications your users need, on the devices they want to use, from anywhere in the world. Full-time employees, short-term contractors and vendors alike can all get up and running with Duo quickly and easily, and granular access controls give them right role-specific permissions. The Duo Mobile authentication app and Duo's Device Health check the hygiene of your users' mobile and desktop devices at every login, to make sure they always comply with your security standards.

Single Sign-On (SSO)

Single sign-on (SSO) from Duo provides users with an easy and consistent login experience for every application, cloud or on-premises. Cloud-based and hosted by Duo, SSO is easy to set up and manage and it is a key step to your passwordless journey.

Decreased Risk for Industry Compliance

  • SSO means users don’t have to remember multiple passwords, reducing the risks associated with credential compromise and breaches. With cyber insurance requiring multi-factor authentication (MFA), Duo has you covered for secure access for the workforce.

Simplified Access to Save Time and Cost

  • SSO provides simplified access for today’s hybrid work environment, allowing users easy access to all permitted apps in seconds! By reducing login credentials and offering self-service, Duo helps save time and cost for onboarding to applications, password resets, device management and more.

SSO for a Passwordless Future

  • Planning for passwordless? SSO is an essential step in your journey! SSO dramatically reduces reliance on passwords from the start, and Duo Passwordless relies on SSO for secure authentication. Duo provides the easiest to deploy and manage passwordless SSO solution.

Adaptive Access Policies

Get granular about who can access what and when. Duo lets you create custom access policies based on role, device, location, and many other contextual factors.

Granular Security at the Flip of a Switch

  • A true zero-trust strategy changes the level of access or trust based on contextual data about the user or device requesting access. It also limits access to only users that really need it. With Duo, you can set up detailed policies in minutes via a simple, intuitive administrator dashboard, and manage rules globally or for specific applications or user groups.

Verify Trusted Users

  • Every user has a different use case for access to your applications, and Duo handles them all with ease. Detect user location, device, role, and more at every login, set security policies based on these attributes, check for anomalous access, and continuously monitor policy efficacy — all without interrupting your users' daily workflows.

Secure Access Based on Device Trust

  • Protect against potentially compromised or risky devices accessing your applications and data. Apply security policy across every device — managed or unmanaged. Duo lets you define permissions based on OS and individual device settings, and automatically notify (or even block) users when their software is out of date.

Implement Policies by Application

  • Take a big step toward zero trust by making sure the right people have access to the right tools. Duo's application-specific controls make it easy to onboard contract employees, change access permissions, protect high-value information with stringent security policies, and more.

Dynamically Respond to Risk

  • Duo’s Risk-Based Authentication solution evaluates potential threat signals at each login attempt and adjusts security requirements, in real time, to protect trusted users and frustrate attackers.