If a customer environment only have an AD on-premises for their users, and want to set a MFA whenever their users try to access a private app, can it be configured somehow, or MFA integration witj Netskope is only supported on cloud IdP environments?
NPA authentication is based on SAML integration with your identity provider. This identity provider can be cloud or on-prem such as ADFS or PingFederate. Who are you using for MFA today?
Hi
Thanks for your response!
I’m facing an end customer environment where they have multiple sites, with local ADs, but they are not federated (so it’s not really an ADFS solution), they are using only local users.
Now they are considering to implement a NPA solution, but they worry that the NPA itself doesn’t have an MFA. I have told them that we can integrate Netskope with some MFA solution, but first of all we would need to authenticate the users with a SAML IdP (to be honest I told them to use a cloud IdP, and did not mention the ADFS)
So that’s when I thought to ask here, if could be possible to integrate a MFA solution on an environment with local authentication (no SAML based). I think it’s not possible, but looking for a confirmation or double check
Thanks!
regards
Your understanding is correct. NPA and other Netskope services invoke SAML which can then use whatever MFA the administrator chooses. ADFS may be the best option if they are entirely on premise today but ultimately they will need an IDP with SAML support.
Thanks for a good and clear answer as usual
I’ll tell end customer that as expected we would need to authenticate the users with a SAML based solution in order to integrate a MFA service
Reply
Login to the community
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account
Login with SSO
Employee PartnerEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.