I am running the Community Edition and have not found anything concerning MFA for xSOAR users. What would be the preferred way to enable MFA for users like Analysts and Administrators?
The XSOAR community edition does have a DUO integration that can be specifically used to provide 2fa authentication for admin logins to the portal.
Just go to settings>integrations and either scroll down or type duo into the search bar at the top.
Hope this helps.
Any standard SAML IdP is supported.
We do not have specific document for gsuite, but you can see the Okta example: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/users-and-roles/authent...
There are also guides from google on how to use gsuite as SAML IdP...
You can use Ping for SAML auth, MFA would then enforced on the login with Ping.
While we list Okta, AzureAD, ADFS, you can certainly use other SAML providers like Ping.
Thanks for the quick response.
We have already tested SAML integration with PingID and it works fine. How do I force it to use Ping, is that something which needs to be configured on Ping side or XSOAR side?
When you go to login to your XSOAR server, you will see a button "Log in with your Identity Provider (SSO/SAML)". If you have previously setup local accounts in XSOAR, you can disable them, or change the passwords to force users to login with SSO going forward.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!