ManageEngine, the IT management division of Zoho Corporation, today announced that ADSelfService Plus, an integrated Active Directory (AD) self-service password management and single sign-on (SSO) solution, now supports multi-factor authentication (MFA) for VPNs to protect organizations’ internal networks from unauthorized access. By adding an extra authentication step, ADSelfService Plus makes it extremely difficult for attackers who depend on password cracking or compromised credentials to gain access to the network resources.
“VPN gateways are directly accessible through the internet and are prone to brute force and other types of attacks. Relying on credentials alone to protect VPN access to vital resources could result in immeasurable losses”
Amid the COVID-19 outbreak, enterprise VPN solutions have become indispensable for organizations with employees who work from their homes yet need to access resources on their organizations’ internal networks to get their work done. As a result, VPNs have become the focus of hackers such as the one who reportedly published a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers. To prevent attackers from using compromised credentials to access VPN servers, the US Department of Homeland Security recommends implementing MFA on all VPN connections to increase security.
“VPN gateways are directly accessible through the internet and are prone to brute force and other types of attacks. Relying on credentials alone to protect VPN access to vital resources could result in immeasurable losses,” said Parthiban Paramasivam, director of product management, ADSelfService Plus. “Implementing MFA for VPNs ensures that employees have a second layer of defense even if their credentials are compromised. ADSelfService Plus presents a MFA solution that is both secure and easy to use for employees.”
Securing VPNs with MFA via biometric authentication and security tokens
The 2020 State of Password and Authentication Security Behaviors Report found that biometric-based authentication was the top preference among users when it comes to authentication. ADSelfService Plus supports a wide range of secure and user-friendly authentication factors, including:
- Fingerprints
- Face ID
- Push notifications and TOTPs via the ADSelfService Plus mobile app
- YubiKey OTP
- Google Authenticator
- Microsoft Authenticator
Additionally, ADSelfService Plus seamlessly integrates with Active Directory (AD). Since many organizations already use AD credentials for VPN authentication, implementing MFA for employees requires only minimal configuration.
Apart from MFA, ADSelfService Plus also supports creating strong password policy rules that prevent dictionary words, palindromes and common patterns such as 1234, asdf and qwerty. Similarly, ADSelfService Plus integrates with Have I Been Pwned? to prevent users from setting their account passwords to previously compromised passwords.
Pricing and Availability
MFA for VPNs is available immediately in the latest editions of ADSelfService Plus. Pricing for the Professional edition of ADSelfService Plus starts at $1,195 annually for 500 users. A fully functional, 30-day trial version is also available for download at https://www.manageengine.com/products/self-service-password/download.html.
ADSelfService Plus also offers a Free edition for up to 50 users. The Free edition supports all the features of the Professional edition, including MFA for VPNs, conditional access policy, single sign-on, and password self-service. It can be downloaded at https://www.manageengine.com/products/self-service-password/download-free.html.
About ADSelfService Plus
ManageEngine ADSelfService Plus is an integrated Active Directory self-service password management and single sign-on solution. It offers password self-service, MFA for endpoints, password expiration reminders, a self-service directory updater, a multi-platform password synchronizer, and single sign-on for enterprise applications. ADSelfService Plus also offers both Android and iOS mobile apps to facilitate self-service for end users anywhere, at any time. ADSelfService Plus supports IT help desks by reducing password reset tickets and spares end users the frustration caused by computer downtime. For more information about ADSelfService Plus, visit https://www.manageengine.com/products/self-service-password/.
About ManageEngine
ManageEngine is the enterprise IT management division of Zoho Corporation. Established and emerging enterprises — including 9 of every 10 Fortune 100 organizations — rely on ManageEngine’s real-time IT management tools to ensure optimal performance of their IT infrastructure, including networks, servers, applications, desktops and more. ManageEngine has offices worldwide, including the United States, the Netherlands, India, UAE, Mexico, Singapore, Japan, China and Australia, as well as 200+ global partners to help organizations tightly align their business and IT. For more information, please visit manageengine.com; follow the company blog at blogs.manageengine.com and on LinkedIn at www.linkedin.com/company/manageengine, Facebook, www.facebook.com/manageengine and Twitter @ManageEngine.
Contacts
Media:
Ahana Vissa
ManageEngine
ahana.g@zohocorp.com
Follow us on Twitter: @manageengine