Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: Does the Duo Service Fail Open or Fail Close?

EDR: Does the Duo Service Fail Open or Fail Close?

Environment

  • EDR Server: All versions

Question

Does the Duo two-factor authentication service fail open or fail close?

Answer

The Duo service fails closed.  If Dou communication is not available, the EDR servers require local access.

Additional Notes

  • If the Duo service is not available, local access to the EDR server allows the service to be temporarily disabled by commenting the cb.conf variable TwoFactorAuthCallbackModulePath and restarting services. 

Related Content


Tags (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎06-21-2022
Views:
64