EDR: Does the Duo Service Fail Open or Fail Close?
EDR Server: All versions
Does the Duo two-factor authentication service fail open or fail close?
The Duo service fails closed. If Dou communication is not available, the EDR servers require local access.
If the Duo service is not available, local access to the EDR server allows the service to be temporarily disabled by commenting the cb.conf variable TwoFactorAuthCallbackModulePath and restarting services.