We have new requirements to require MFA for administrative access to just about everything and have to put into place in very short order. “In addition to remote access, multi-factor authentication is required for the following, including such access provided to 3rd party service providers: 1 All internal & remote admin access to directory services (active directory, LDAP, etc.). 2 All internal & remote admin access to network backup environments. 3 All internal & remote admin access to network infrastructure (firewalls, routers, switches, etc.). 4 All internal & remote admin access to the organization’s endpoints/servers." What I'm trying to do is described pretty well in the document linked below: try to access something, get prompted. Trying to do this with Azure AD. From what I understand, browser based applications can be done with captive portal and non browser based can be done with GlobalProtect app. Is that right? Trying to leverage our existing Azure MFA. Configure GlobalProtect to Facilitate Multi-Factor Authenti... (paloaltonetworks.com) Thanks, Chris
... View more