SecTrail MFA
SecTrail MFA (Multi-Factor Authentication) provides multi-factor authentication to largely prevent unauthorized access. It offers multi-stage verification for secure access to your network, portals, or applications.
This documentation is prepared for SecTrail MFA v2.0.0.
What is SecTrail MFA and Why is it Necessary?β
SecTrail offers comprehensive solutions to corporate authentication challenges. With Multi-Factor Authentication (MFA), it provides layered security for organizations' critical systems in an era where passwords alone are insufficient.
Key Featuresβ
- π True Multi-Factor Authentication: Ability to create multiple factorsβnot limited to a single factor.
- π Universal Protocol Support: Integration with all devices and applications supporting RADIUS and SSO.
- π SAML 2.0 & ADFS Federation: Single Sign-On (SSO) for web applications, MFA for services behind ADFS.
- π» Operating System Integration: Support for Windows Logon/RDP, Mac Login, Linux SSH/Sudo.
- π± Mobile Application: Push notificationsi TOTP token generation and Login with QR with iOS and Android.
- π REST API: MFA integration for your custom applications.
- βοΈ Flexible Policy Management: Time, geolocation, and attribute-based access controls.
Why SecTrail MFA?β
With SecTrail MFA, organizations achieve:
β Secure and Stableβ
SecTrail can operate stably under heavy load and enhances security by preventing service disruptions with its Active-Active design.
- High Availability (HA)
- Guaranteed uninterrupted service
- Redundant server architecture
β Customizableβ
SecTrail, with its modular code structure, can be configured to meet corporate needs and requests.
- Flexible factor chains
- Defining custom policy rules
- Custom authentication flows
β Fast and Dynamicβ
The advantages provided by SecTrail include easy integration and fast support.
- Rapid installation and deployment
- User-friendly administration panel
- Wide vendor support (Palo Alto, Fortinet, Cisco, Checkpoint, F5, etc.)
- Fast technical support and problem resolution
β 24/7 Supportβ
Our experienced engineers are ready to intervene quickly when support is needed.
- Experienced engineering team
- Quick problem resolution
- Installation and configuration support
- Professional technical consultancy
Extensive Integration Coverageβ
- RADIUS Integration - VPNs, firewalls, and network devices
- SSO Integration - Web applications and cloud platforms
- ADFS Integration - Microsoft Active Directory Federation Services
- Windows Login/RDP Integration - Windows operating system logins
- Mac Login Integration - macOS operating system logins
- Linux SSH/Sudo/Console Integration - Linux operating system access
Authentication Methodsβ
SecTrail MFA offers more than 10 authentication methods, providing solutions for every use case. Verification can be performed with an unlimited number of multiple factors:
| Method | Description | Use Case |
|---|---|---|
| LDAP/Active Directory | Corporate directory verification | Username and password verification as first factor |
| SMS OTP | One-time password via SMS | Enter 6-digit code received via SMS |
| Email OTP | Verification code via email | Enter code received via email for second factor authentication |
| Push Notification | Instant approval via mobile app | Login by Accept/Decline on notification in mobile app |
| TOTP (Soft OTP) | Time-based token (SecTrail Authenticator) | Generate 6-digit time-based code from mobile app, offline usage |
| Local User | Local database | Local username and password authentication in non-LDAP environments |
| Admin Approved (Approved OTP) | Hierarchical approval system | Login with OTP code approved by administrator for critical access |
| QR Login | Passwordless login with QR code | Scan QR code on screen with mobile app for passwordless login |
| Mail Auth | Click approval via email | Verification by clicking link in email |
| LDAP + OTP | Combination of LDAP password and OTP | Enter both LDAP password and OTP code on single screen |
| WebAuthn | Hardware key with FIDO2 standard | Authentication with platforms like Windows Hello, Touch ID |
π Newly Added Authentication Methodsβ
New features introduced with SecTrail MFA v2.0:
- Login with QR: Instant login by scanning a QR code with the mobile app
- WebAuthn: Support for FIDO2 compliant platforms (Windows Hello, Touch ID, etc.)
- LDAP+OTP: Entering both LDAP password and OTP in a single step
- Mail Auth: Link-based approval system via email
- Approved OTP: Administrator-approved access control
Quick Startβ
- π§ Initial Installation - System setup
- π License Management - License activation
- π Adding a RADIUS Client - Device definition
- π― Application Profile - Factor configuration
Highlighted Featuresβ
π True Multi-Layered Securityβ
SecTrail MFA fully supports multi-factor authentication - you can create multiple factors.
- Two-Factor (2FA) and Multi-Factor (MFA) authentication
- Flexible factor chains: Configure as many factors as you need (unlimited)
- Support for multiple methods for each factor
- Ability to freely arrange the factor order
βοΈ Smart Policy Engineβ
- User, group, and department-based policies
- Access control based on time, geolocation (GeoIP), and IP
- Rules based on Active Directory attributes
π Logging and Reportingβ
- All authentication attempts
- Real-time monitoring and audit trail
- Syslog integration (SIEM)
- Dashboard and graphical reports
π€ Register Portalβ
- Mobile App Registration Panel - SecTrail Authenticator registration
- WebAuthn Registration Panel - Platform management (Windows Hello, Touch ID, etc.)
- SSO Session View - Check and manage active sessions
- Password Reset Panel - Password reset
For detailed information, see the Register Panel page β
π± SecTrail Authenticator Mobile Appβ
SecTrail Authenticator generates a soft token for applications secured with SecTrail as well as many well-known applications like Azure, GitHub, Twitter, Gmail.
- iOS and Android support
- Push Notification: Instant approval notifications
- TOTP Token: Time-based tokens for offline use
- QR Login: Passwordless login with QR code
- Multi-account management
Documentation Sectionsβ
π Getting Startedβ
Introduction to SecTrail MFA, basic concepts, and a quick start guide.
π Authentication Methodsβ
11+ different authentication methods - LDAP, SMS OTP, Push, WebAuthn, and more.
π‘οΈ Access Controlβ
Geolocation, time, IP-based access control policies, and security settings.
π Integrationsβ
Integration guides for VPNs, firewalls, web applications, and other systems.
π User Guideβ
Step-by-step configuration guides and usage examples.
π οΈ Registration Panelβ
System administration, backup, licensing, and maintenance operations.
Supportβ
π 24/7 Technical Support - Our experienced engineering team is always ready to assist you.
- Email: destek@sectrail.com
- Phone: +90 850 222 0268
SecTrail MFA - Multi-Factor Authentication with Secure Access Solution