Two-factor authentication over Microsoft AD FS 3.0 and 4.0
With Protectimus, you can quickly and easily ensure a high level of protection for access to corporate web services and cloud resources by setting up two-factor authentication over AD FS 3.0 and 4.0
Reliable protection
Protectimus’s OATH-certified two-factor authentication solution is the best choice for protecting access to corporate applications if you use ADFS. Authentication using one-time passwords from Protectimus is a reliable means of protecting against brute-force attacks, keyloggers, most phishing attacks, social engineering, and man-in-the-middle attacks.
15-minute setup
If you use Active Directory Federation Services (AD FS) 3.0 or 4.0 in your network infrastructure, integrating a two-factor authentication solution from Protectimus will take no more than 15 minutes. Download the installer and setup instructions for the Protectimus ADFS component below. If you have any questions, contact our support team at [email protected].
Compatibility with a range of services
Through ADFS 3.0 and 4.0, you can configure Protectimus two-factor authentication for a wide variety of cloud services, including AWS, Asana, Desk, Dropbox, Evernote, Expensify, Freshdesk, GitHub, GoToMeeting, Jira SSO, Namely, Microsoft Office 365, OpenDNS, Salesforce, Citrix ShareFile, Slack, Splunk, SugarCRM, Sumo Logic, Cisco Webex, Workday, Workplace, Zendesk, and Zoom.
Protectimus ADFS
Active Directory Federation Services (ADFS) allows you to configure access using Single Sign-On (SSO) technology for all key web applications and cloud
services used on your corporate network. That way, to log into a work account and access corporate applications and cloud services, users only need to
be authenticated once. It's important to ensure maximally reliable protection for logons at this stage.
Introducing multi-factor authentication through ADFS can help you to manage this task. Using two different factors — knowledge (a username and password)
and possession (an OTP generator token) — to protect access to confidential information and corporate web applications is one of the most reliable,
effective, and attack-resistant security solutions in existence today. In the event that a user's password is intercepted or guessed, their account
remains protected by the one-time password, and vice-versa.
The comprehensive ADFS multi-factor authentication solution from Protectimus is easy to integrate into your infrastructure if you use ADFS 3.0 or 4.0.
For that purpose, we developed the Protectimus ADFS module, with an easy-to-use installer and detailed setup instructions which you can download below.
If you run into any difficulties, our technical team will be happy to help you and answer any questions you may have.
The server component of the Protectimus ADFS 2-factor authentication solution is available through a SaaS model, or as an on-premise platform. For
one-time password delivery, we offer the Protectimus Two and Protectimus Slim NFC hardware OTP tokens; the free Protectimus Smart software security
token; SMS; email; and chatbots in Telegram, Viber, Messenger, and other messaging applications.
Extensive functionality
We offer not only a reliable two-factor authentication system compatible with ADFS, but also an extensive array of features, making the administration of Protectimus 2FA solution easy, intuitive, and effective
Time filters
Using time-based filters, you can easily manage employees' access times to corporate resources. An administrator can set up Protectimus ADFS two-factor authentication to allow employees to log into their accounts only at a predefined time, such as during business hours. At other times, logins will be blocked.
Event notifications
Protectimus ADFS multi-factor authentication system administrators have access to a range of administrative tools, including event notification functionality. The event monitoring feature allows an administrator to receive notifications about each important event that takes place in the system, sent directly to their phone or email.
Unified authentication ecosystem
With Protectimus, you can set up a powerful authentication ecosystem and manage all 2FA nodes from a single admin panel. The Protectimus two-factor authentication solution supports integration with ADFS, RADIUS, SAML, Citrix NetScaler, Citrix XenApp, VMware, RoundCube, Microsoft RDP and WinLogon right out of the box.
SaaS or On-premise platform
We recommend beginning with the SaaS model for testing. In terms of functionality, the service and platform are identical; to switch from cloud servers to local servers, you need only to change a couple lines in the configuration file
SaaS model
The cloud service is ready to use without requiring any additional efforts or infrastructure spendings from the client. There's no need to purchase additional equipment to support on-site servers. The system is deployed on a cluster of high-performance servers. A load balancer distributes the load amongst the servers. A monitoring system continually tracks the state of the network infrastructure, and Protectimus administrators are alerted about any possible threats or critical situations. A hardware security module guarantees the secure storage of cryptographic information.
On-premise platform
This is an ideal choice for those who want full control over their corporate infrastructure, authentication process, users data, and other confidential information. Another advantage of hosting the on-premise platform on your own servers is that the system doesn't require internet access in order to function. You can strengthen the security of your own isolated network using additional firewalls or other protective measures. However, the disadvantage lies in the additional time and costs associated with acquiring, setting up, and managing the required equipment and network infrastructure.
Supported services
The Protectimus ADFS component enables you to easily set up two-factor authentication for these services
Amazon Web Services, Asana, Adobe Document Cloud, Aha!, BambooHR, BlueJeans, Bomgar SSO, Bonusly, Box, Bugsnag, Canvas, Clarizen, CloudLock, Confluence SSO, Crashplan, CyberARK, Datadog, Desk, Digicert, DocuSign, Dropbox, EgnYte, Evernote, Expensify, Freshdesk, GitHub, Citrix GoToMeeting, Greenhouse, GSuite, Hackerone, HackerRank, Heroku, Atlassian HipChat, Igloo, Intacct, Jamf PRO, JitBit, Jira SSO, Looker, Merketo, Cisco Meraki, Namely, NetDocuments, New Relic, Microsoft Office 365, OpenDNS, Pagerduty, PaloAlto Networks, RemedyForce, RingCentral, Robin, Salesforce, Samanage, SauceLabs, Citrix shareFile, Signal Science, Slack, SmartSheet, Splunk, StatusPage, SugarCRM, Sumo Logic, Syncplicity, Tableau, Udemy, Usevoice, Cisco Webex, Workday, Workplace, Zendesk, Zoom, and others.
Easy setup
Quickly and effortlessly configure two-factor authentication for any service supporting ADFS
Register with the service
Register with Protectimus 2FA cloud service. To do so, follow this link, fill out the registration form, and confirm your email address
Activate a payment plan
To use Protectimus SaaS platform and enable the API, you'll need to activate a payment plan. To do so, navigate to the “Payment plans” section
Creating a Resource
Resources are used to logically group users and OTP tokens. To create a resource, click "Resources" in your account, in the menu to the left, and then click "Add resource" at the top of the table
Create Users
Create users and OTP tokens, and assign them to the resource you created earlier. Remember that service users will need logins of the form [email protected]
Install Protectimus ADFS
Download the installer and setup instructions for Protectimus ADFS 3.0 or 4.0 using the buttons below. Run the Protectimus ADFS installer and follow the instructions.
