Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Duo

            Introduction

            This article describes the Field Effect MDR integration with Duo. This article covers the following:


            Integration Details

            If your organization uses Duo, this integration allows Field Effect MDR monitoring access to your Duo environment, enriching its monitoring fidelity. Once integration, Field Effect MDR will monitor for users in simultaneous use, UEBA analysis, and more.


            Requirements 

            To complete this integration, you will need: 

            1. Administrator access to the Field Effect MDR Portal
            2. Administrator access with the Owner role in your Oka environment
              • The account you use must be an Administrator setup with the Owner role.  If you are creating a secondary Administrator account for this, ensure you elevate the role to Owner.
            3. One of the following Duo plans: 
              • Duo Access
              • Duo Beyond
              • Duo MFA
              • Duo Essentials
              • Duo Advantage
              • Duo Premier


            If you would like to leverage the "Networks for API Access" field in Duo, which allows you to control source IP access for the Duo Admin API, please use the following IP: 

64.26.180.112/28


            For more, visit Duo's support documentation: 


            Setting up the Integration

            The following sections outline the process of integrating Oka with Field effect MDR; from preparing Okta for the integration and completing the integration in the MDR portal


            Prepare Duo for the Integration

            Log into the Duo Admin Panel and click Applications in the sidebar.


            Graphical user interface, application, website Description automatically generated


            Click Protect an Application and locate the entry for the Duo "Admin API" in the applications list. On the Far right of this entry, click Protect.


            Graphical user interface, text, application, email Description automatically generated


            You’ll be taken to the Admin API page for Duo. Copy the integration key, secret key, and API hostname.


            Graphical user interface, text Description automatically generated


            Under Permissions, ensure "Grant read log" is checked, and click Save Changes.


            Graphical user interface, text, application, email Description automatically generated

             

             

            Complete the Integration in the MDR Portal

            Partners: This procedure is performed on a per-client basis. Ensure that the Organization Selector is set to the appropriate client before continuing.


            After you have prepared Duo for the integration (above), Navigate to the Field Effect Portal's Administration > Integrations page. From the Cloud monitoring tab, click Add for Duo.  



            The duo monitoring window will appear. The first page provides instructions for Configuring Duo API Access (also listed above). After completing this process, click Next.



            Provide your API Hostname, Admin API Integration Key, and Admin API Secret Key. Once added, click Submit.



            You'll be taken back to the integrations page, and the integration card will show that the integration is connected and promoted to the top, alongside any other connected integrations. 


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0