Palo Alto Networks GlobalProtect Integration
Hijacking user credentials poses a risk of unauthorized access to accounts. Nowadays, providing additional security steps to solve such problems is possible with the SecTrail verification server.
In this document, you can find information about providing two-factor authentication via one-time password (SoftOTP) for SecTrail and Palo Alto Networks GlobalProtect.
Palo Alto Networks GlobalProtect Integration with SecTrail
- Credential information is entered on the login screen of Palo Alto Networks GlobalProtect,
- Via Palo Alto Networks GlobalProtect, information (username and password) is sent as a RADIUS request to the SecTrail server,
- SecTrail authenticates the user (Active Directory, Database, etc.) and forwards the RADIUS response to Palo Alto Networks GlobalProtect. If the authentication is successful, SecTrail sends the one-time password via SMS or E-mail to the address obtained from the user information in the database (AD, LDAP, Local). An external SMS Proxy or E-Mail server is used during the sending phase. In case of using SoftOTP, the password is generated via the SecTrail Authenticator mobile application.
- If the answer is successful, Palo Alto Networks GlobalProtect displays the second screen to the user,
- The user enters the one-time password generated by SMS, E-Mail or SecTrail Authenticator mobile application transmitted by SecTrail,
- Palo Alto Networks GlobalProtect transmits the one-time password to SecTrail as a RADIUS request,
- SecTrail validates the one-time password, forwards its response to Palo Alto Networks GlobalProtect,
- Cevap başarılı ise Palo Alto Networks GlobalProtect kullanıcının erişimine izin vererek oturumu
başlatır.
Mobile Application Support
If you want to use SoftOTP, you can ensure your security through the SecTrail Authenticator mobile application.
You can download the SecTrail Authenticator application to your mobile device from the Apple App Store or Google Play Store.