I'm reading on the forums that Royal Server supports MFA. How exactly does that work and enforce the MFA?
For instance, let's say we have fifteen network engineers and they all have a copy of RoyalTS. We then roll out Royal Server and require that everyone tunnel through the RoyalServer to reach the network equipment via SSH. At this point, Royal Server is not doing much more than what a Linux bastion host would do.
Then we use the Royal Server to serve as a central repository for RoyalTS documents. I haven't tried this yet but it sounds like it will be a nice time saver. No need to pass around RTSZ files any longer.
Does the MFA trigger when you start your first connection? Does it trigger with every new connection? What's the user interaction here?
We are already using Duo Security for many of our MFA tasks. Does Royal Server directly interact with Duo or does int need to interact with LastPass? How does that interaction look?
I received an eval license and tried out the MFA on the Document Store on Royal Server. It worked great! But that's not quite what we needed.
Can we do MFA on the Royal Server Secure Gateway? For instance, when the engineers arrive in the morning they would have to MFA to get their first connection through the Secure Gateway but after that, all new sessions would go through the Secure Gateway without re-checking the MFA.
We use Duo Security here but the Microsoft Authenticator is a valid second option for us.
right now, we only support MFA for docs but we will look into expanding the feature. I kindly ask you to post a feature request to the Ideas forum where we can track the feature and see how many other users are interested in it.
I put this into a Feature Enhancement Request here...
Thank you, Dan!