Forum Discussion
Solved
Concerns using Microsoft MFA
Dear Forum members, My company is using ADFS + DUO but thinking about using Microsoft PHS + MS MFA. We are testing staging roll out but have been told that our Security team has concerns about M...
- Hi Chandrasekhar_Arya, thanks for your reply. It is very helpful! If I understand correctly, when we use Microsoft MFA+ PHS, we will need to configure Conditional Access Policy and lefverage Trusted locations+ Identity to control the access. Additionally, we can add device and other controls in the conditional access policies to further fine-tuning it. But in terms of VPN access, I am not familiar with how it works so not sure how to configure CA. Are you saying it has no difference from other access sources so we should just treat them the same and use the same or similar policy? Any suggestions is appreciated.
Thank you once again for all your help!
Sally
Hi Chandrasekhar_Arya, thanks for your reply. It is very helpful! If I understand correctly, when we use Microsoft MFA+ PHS, we will need to configure Conditional Access Policy and lefverage Trusted locations+ Identity to control the access. Additionally, we can add device and other controls in the conditional access policies to further fine-tuning it. But in terms of VPN access, I am not familiar with how it works so not sure how to configure CA. Are you saying it has no difference from other access sources so we should just treat them the same and use the same or similar policy? Any suggestions is appreciated.
Thank you once again for all your help!
Sally
Thank you once again for all your help!
Sally
Slee6004 yes that's correct. As an example if you have to login to azure portal you can't control via your corporate VPN as it's a public URL and can be accessed anywhere in the world that's has internet.what is in your control is to define a CA and block once the user enters his username
- Thank you once again for your help!
Slee6004 Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.