![]() Your organization must purchase your own third-party tokens and import them into Duo. Token Restrictionsĭuo federal editions customers may not purchase Duo-provisioned D-100 tokens from Duo for authentication needs. FIPS-Validated Secret Generationĭuo randomly generates 40-character application secret keys ("skeys") and client secrets with FIPS-validated Deterministic Random Bit Generators (DRBG) using the Cisco FIPS Object Module. ![]() Ensure that your Duo application versions and the operating systems of the hosts where you install Duo applications also support TLS 1.2.Īdditionally, the API host domain for federal editions is instead of the domain used by Duo commercial editions. Duo Service Connectivityĭuo's federal editions strictly require TLS 1.2 secured communications. Trusted Endpoints and Duo Network Gateway are not available in the federal editions. Available Editionsĭuo offers Federal MFA and Federal Access subscription plans. This document describes how Duo's federal editions differ from Duo’s commercial editions. Most administration and deployment tasks in Duo federal editions use the same published instructions available at /docs. Comparing Duo Federal Editions with Duo's Commercial Editionsĭuo's federal and commercial editions use the same core components and are administered in the same way, via the Duo Admin Panel. Check the documentation or FAQs for the Duo applications you will be deploying to determine if they support HTTP proxy. Many of Duo’s applications support the use of an HTTP proxy to provide connectivity to Duo. If your organization requires IP-based rules, please contact your Account Team or Support Team for additional information. Connectivity Requirementsĭuo’s integrations communicate with Duo's service via HTTPS on TCP port 443, for both commercial and federal editions.įirewall configurations that restrict outbound access to Duo's service with rules using destination IP addresses or IP address ranges aren't recommended, since these may change over time to maintain our service's high availability. Once submitted, Duo will reach out to qualify and confirm eligibility to ensure customers are federal agencies, federal contractors, public sector entities, or Cloud Service Providers (CSPs) pursuing FedRAMP. To sign-up for Duo’s federal editions, please fill out the contact form on Duo's Federal Editions page. Starting a Trial of Duo's Federal Editions If you’re a US Federal Agency and you need to access Duo’s FedRAMP Authorization Package please leverage OMB’s MAX Portal or contact your Duo Federal Account Executive. Duo’s FedRAMP Package for Duo’s Federal Editions ![]() All Federal Edition product differences outlined within this guide were completed to ensure product alignment with FedRAMP/NIST 800-53 security controls, NIST’s Digital Identity Guidelines (SP 800-63-3), and FIPS 140-2 compliance requirements for Duo’s US Federal/Public Sector customers. Welcome to Duo Security’s Federal Guide to Duo’s FedRAMP Authorized Federal Editions.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |