Azure MFA cloud based protection for on-premises VPNs is now in public preview
How does the NPS Extension for Azure MFA work?
With the NPS Extension for Azure MFA, which is installed as an extension to existing NPS Servers, the authentication flow includes the following components:
– User/VPN Client: Initiates the authentication request.
– NAS Server/VPN Server: Receives requests from VPN clients and converts them into RADIUS requests to NPS servers.
– NPS Server: Connects to Active Directory to perform the primary authentication for the RADIUS requests and, if successful, passes the request to any installed NPS extensions.
– NPS Extension: Triggers an MFA request to Azure cloud-based MFA to perform the secondary authentication. Once it receives the response, and if the MFA challenge succeeds, it completes the authentication request by providing the NPS server with security tokens that include an MFA claim issued by Azure STS.
– Azure MFA: Communicates with Azure Active Directory to retrieve the user’s details and performs the secondary authentication using a verification method configured for the user.
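The order of these hops matters: the MFA challenge is only ever triggered after primary authentication succeeds, and the VPN server only gets an accept when the extension returns a token carrying an MFA claim. The following is an added, simplified model of that decision chain, not the NPS Extension's own code; the user table, the MFA responses and the token layout are constructed stand-ins for Active Directory, Azure MFA and the Azure STS token.

```python
# Constructed sample data (assumptions): stand-ins for Active Directory
# credentials and for each user's answer to the Azure MFA challenge.
AD_PASSWORDS = {"alice": "correct-horse", "bob": "hunter2"}
MFA_RESPONSES = {"alice": "approved", "bob": "denied"}


def azure_mfa(user, trace):
    """Azure MFA: challenge the user with their configured verification method."""
    trace.append(("Azure MFA", "challenge sent to " + user))
    return MFA_RESPONSES.get(user) == "approved"


def nps_extension(user, trace):
    """NPS Extension: secondary authentication. Only a successful challenge
    yields a token with an MFA claim (hypothetical dict, not the STS format)."""
    trace.append(("NPS Extension", "MFA request triggered"))
    if azure_mfa(user, trace):
        return {"sub": user, "mfa": True}
    return None


def nps_server(user, password, trace):
    """NPS Server: primary authentication first, extension only on success."""
    trace.append(("NPS Server", "primary authentication against AD"))
    if user not in AD_PASSWORDS or AD_PASSWORDS[user] != password:
        return "Access-Reject"  # extension is never invoked, no MFA prompt
    token = nps_extension(user, trace)
    if token is not None and token.get("mfa") is True:
        return "Access-Accept"
    return "Access-Reject"  # primary succeeded, secondary did not


def vpn_server(user, password):
    """NAS/VPN Server: converts the client request into a RADIUS request."""
    trace = [("VPN Server", "RADIUS Access-Request sent to NPS")]
    result = nps_server(user, password, trace)
    return result, [component for component, _ in trace]


if __name__ == "__main__":
    for user, pw in [("alice", "correct-horse"), ("alice", "wrong"),
                     ("bob", "hunter2"), ("mallory", None)]:
        print(user, *vpn_server(user, pw))
```

A wrong password stops at the NPS server, so a failed primary authentication never produces an MFA prompt on the user's device.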