FIDO-VPN will support systems relying on standard VPN protocols (LT2TP and L2TP/IPSec), such as Meraki Client VPN and Fortinet VPN solutions. No special VPN client installation is required, although we will be releasing VPN helper apps to simplify the user experience and make the process as fast as possible one click will be enough to establish a VPN link. The solution will work with both FIDO2 and FIDO keys (WebAuthN implementation with fallback to U2F for older keys) and will work via modern web-browsers supporting FIDO keys authentication.
To address this gap, TOKEN2 is currently finalizing a feature as a part of its TOTPRadius solution, to provide VPN access with FIDO security keys protection option, in addition to classic TOTP authentication. While OTP solutions are still secure, utilizing FIDO keys' main features to protect VPN access may improve security even further. This may look like a solution but is still a TOTP. HOTP by pressing a button, or TOTP via a companion app). The majority of the current solutions that are being marketed as supporting FIDO and FIDO2 keys are using the OTP functionality of the security keys (most USB FIDO keys, in addition to U2F and/or WebAuthN features, also have an additional module that can generate OTP, i.e. While classic OTP (and namely TOTP) still remains industry standard for two-factor authentication and is supported out of the box by the majority of VPN servers and clients, there is not a lot of products that can leverage the FIDO keys for securing VPN access. Multi-factor authentication for VPN systems, such as Meraki Client VPN or Fortinet VPN will be possible using FIDO Security keys, both FIDO2 and U2F.
Connecting to VPN with FIDO Security keys using TOTPRadius FIDO-VPN Interface
0 kommentar(er)
