OTP for VPN connections (Pulse Connect Secure)

Companies use VPNs to enhance the security of their networks and maintain privacy when employees who have access to their data and networks are traveling, working from home, or otherwise accessing their information remotely.

VPN connections are considered safe by specialists, but proper user verification can be a challenge. Widely used single-factor identity verification may not be sufficient to protect the business. Therefore, to provide a higher level of security, we have introduced new functionality to the NACVIEW system. One-time password (OTP) authentication provides additional security for VPN portal access. OTP is combined with standard user credentials to increase security for user identity verification.

Another challenge for VPN connections is giving the user access to specific resources only. Incorrect profiling of a user may result in that user being able to access the wrong subnet. A marketing employee gaining access to confidential financial information is highly undesirable, which is why NACVIEW effectively verifies which group the user belongs to and, on this basis, assigns the appropriate permissions.

How does it work?

Two conditions must be met for the OTP service to work. First, Pulse Secure must be configured in NACVIEW as a network device. The second condition is that the user has the Pulse Connect Secure application.

The first stage of verifying the user's identity is checking their credentials in the local NACVIEW database or in an external one, e.g. Active Directory. If the login and password are correct, the account is active, and the resource is properly configured, the second stage of validation takes place. NACVIEW sends the user an SMS with a verification code, which must be entered into the Pulse Connect Secure application. After the code and its validity have been verified, access to specific network resources is granted.

 

OTP Flow chart

The administrator can choose additional parameters while configuring OTP in NACVIEW, for example, code lifetime or message content. The OTP module can also create object groups and display logs from authorization events.
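The two-stage check and the code lifetime parameter described above, as an added Python sketch; it is not NACVIEW's code. The user store, the group-to-subnet map, the 120-second lifetime, the single-attempt rule and the function names are assumptions, and the code is returned instead of being sent by SMS so the sketch runs offline.

```python
import hashlib, hmac, secrets

CODE_LIFETIME_S = 120  # assumed value for the configurable code lifetime
_SALT = b"constructed-salt"  # constructed; a real store uses a per-user salt

def _kdf(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)

# Constructed directory standing in for the local database or Active Directory.
USERS = {
    "alice": {"pw": _kdf("s3cret-pass"), "active": True, "group": "marketing"},
    "bob": {"pw": _kdf("hunter2-long"), "active": False, "group": "finance"},
}
# Constructed mapping from user group to the subnet that group may reach.
GROUP_SUBNETS = {"marketing": "10.10.20.0/24", "finance": "10.10.30.0/24"}
_pending = {}  # username -> (code, expiry timestamp)

def stage_one(user: str, password: str, now: float):
    """Stage 1: check credentials and account state, then issue a code."""
    rec = USERS.get(user)
    supplied = _kdf(password)  # always computed, so unknown users cost the same
    if rec is None or not hmac.compare_digest(rec["pw"], supplied):
        return None
    if not rec["active"]:
        return None
    code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, zero-padded 6 digits
    _pending[user] = (code, now + CODE_LIFETIME_S)
    return code  # in the flow above this goes out by SMS, not back to the client

def stage_two(user: str, code: str, now: float):
    """Stage 2: verify the code and its validity, return the group's subnet."""
    # Assumption added here: pop() makes each code good for one attempt only,
    # so a wrong guess or a replay forces a fresh stage 1.
    issued = _pending.pop(user, None)
    if issued is None:
        return None
    expected, expiry = issued
    if now > expiry:
        return None
    if not hmac.compare_digest(expected.encode(), code.encode()):
        return None
    return GROUP_SUBNETS[USERS[user]["group"]]
```
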

If your company uses a different VPN solution, write to us at office@nacview.com and ask for integration.

 



