?
Security Transformation Zero Trust

Cisco Duo Zero Trust Lab

Bookmark
14 Launches
Solution Overview

Duo is the leading provider of unified access security and multi-factor authentication delivered through the cloud. Duo’s solution verifies the identity of users and the health of their devices before granting them access to applications – helping prevent cybersecurity breaches. Integration of Cisco’s network, device and cloud security platforms with Duo’s zero trust authentication and access products will help enable Cisco customers to easily and securely connect users to any application on any networked device.

Duo ensures only the right users and secure devices can access applications, providing a foundation for a Zero Trust framework and securing the workforce. A comprehensive approach to securing your entire IT ecosystem requires zero trust for the workforce, workloads and workplace.

Goals & Objectives

This on-demand lab provides a safe environment to implement, manage and test Duo beyond a traditional network environment. This is the best starting point for understanding the solution fundamentals and how it can provide value to your organization.

Traditional security relies on location-based trust. A Zero Trust model establishes trust for every access request — regardless of location. It enforces adaptive controls and continuously verifies trust. Trust levels are dynamic and change to adapt to your evolving business. This approach can help prevent unauthorized access, contain breaches and reduce the risk of an attacker's lateral movement.

The lab will emphasize the following concepts:

  • Lowering risk by minimizing exploitable footprint.
  • Adopting the principles of Zero Trust architecture.
    • Granting access to enterprise resources based on contextual data, including user profile, environment and enterprise.
    • Enforcing policies based on constant evaluation of the client's security posture rather than static rules.
    • Dynamic one-to-one connection, everyone attempting to access a resource must authenticate first.
  • Utilizing the concept of Zero Trust to augment or replace traditional remote access scenarios.
  • Identity-centric, with highly granular access controls and real time access changes.

Hardware & Software

Requirement: Users will need Duo Mobile App installed on their smart device.

Virtual Components

  • 1 ASAv supporting AnyConnect VPN
  • 1 DUO Access Gateway
  • 2 Application Environments both consisting of:
    • 1 Linux Server
    • 1 Windows Server
  • Splunk application for testing
  • Wordpress application for testing

SaaS Components

  • DUO Beyond

Contributors