Layer7 Access Management

Expand all | Collapse all

MFA - Internal and External Access

  • 1.  MFA - Internal and External Access

    Posted 01-25-2017 09:21 AM

    We are using CA Secure cloud 1.5.7, We intend to configure SSO with cloud based SaaS application such as Salesforce and provide MFA for it. Can we

    • Distinguish if the user has accessed from internet or Intranet. Only if the user has accessed from internet then MFA should be invoked while accessing Salesforce for intranet access, Only username/password should suffice
    • Configure Risk based profiles i.e if the user is accessing from specific countries or accessing at odd working hours, only then MFA should be invoked else username/password should suffice. 

    Can we achieve the above?



  • 2.  Re: MFA - Internal and External Access

     
    Posted 02-24-2017 11:41 AM

    On the first item, you could segregate between the internet and intranet traffic by separate web servers/web agents. Once so segregated, you could protect them with separate authentication schemes (one MFA, the other username/pw).

     

    Couldn't that work for you?