I came across a customer recently who, as a bit of a side project wanted some assistance setting up MFA using RSA Secure-ID and TACACs on Cisco ISE to login to their switches and routers. I had no idea this was even possible until they asked.
I didn't have to do too much on ISE to make this work with their existing TACACs policies, and someone else took care of the RSA side config.
It worked really well, and gor me wondering why it MFA isn't used for device administration more often.
Anyone else using MFA with TACACs, regardless of provider and TACACs server?
No comments:
Post a Comment