Cisco ISE Integration
The compromise of user credentials poses a risk of unauthorized access to accounts. Nowadays, providing additional security measures to solve such issues is possible with the SecTrail authentication server.
In this document, you can find information about two-factor authentication with one-time passwords (SMS, email, SoftOTP) via SecTrail for Cisco ISE.
SecTrail Integration with Cisco ISE
- Credentials are entered on the login screen of Cisco Firepower.
- Cisco Firepower sends the information (username and password) to Cisco ISE.
- User credentials are sent to SecTrail authentication server via RADIUS request through Cisco ISE.
- SecTrail authentication server sends the RADIUS response to Cisco ISE after verifying the user's identity (such as Active Directory, Database, etc.). If the authentication is successful, SecTrail sends a one-time password to the address obtained from the user information in the database (AD, LDAP, Local) via SMS or email. An external SMS proxy or email server is used for sending. If SoftOTP (software token) is used, the password is generated through SecTrail Authenticator mobile application.
- Cisco ISE forwards the response to Cisco Firepower, and if the response is successful, Cisco Firepower presents the second screen to the user.
- The user enters the one-time password sent via SMS, email or generated by the SecTrail Authenticator mobile app as conveyed by SecTrail
- Cisco Firepower sends the one-time password to Cisco ISE, and Cisco ISE forwards it to SecTrail as a RADIUS request.
- SecTrail verifies the one-time password, sends the response to Cisco ISE. If the authentication is successful, Cisco ISE authorizes the user and sends the response back to Cisco Firepower.
- Cisco Firepower grants access to the user and starts the session.
Mobile Application Support
If you want to use SoftOTP, you can ensure your security through the SecTrail Authenticator mobile application.
You can download the SecTrail Authenticator application to your mobile device from the Apple App Store or Google Play Store.