[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Is SSL VPN Two-Factor Authentication?

Posted on 2013-01-29
1
Medium Priority
?
1,151 Views
Last Modified: 2013-02-01
Environment:  Retail corprate headquarters and outlets.  PCI-DSS level 4 compliant.  SonicWall gateways are each location.

The boss approached me about using iPads to connect wirelessly to the network both at the office and the stores.  For standard remote access we use RSA products to meet the two-factor authentication PCI-DSS requirement.  The only option I see with the iPads is to use SonicWall's Mobile Connect with an SSL VPN.  Easy enough to set-up, but the question with which I am wrestling is this:  Is an SSL VPN really two-factor authentication?

I've seen arguments both pro and con, but nothing conclusive either way.
0
Comment
Question by:HoneyFarms
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 6

Accepted Solution

by:
sr1xxon earned 2000 total points
ID: 38831443
wireless networks are a can of worms when it comes to PCI - DSS - they require 802.1x authentication.

in answer to your question, NO, SSLVPN's are not 2FA.

2FA is something you use to secure access to your SSLVPN.

for something free, check out RCDEVS openotp - it plays nicely with google's free 2fa service
http://www.rcdevs.com/products/openotp/, and will integrate with your SSLVPN easily,.

Google 2FA will suffice as that second factor IF you use your mobile phone as the authentication device - there's no point having an IPAD with an embedded authentication app, takes away the purpose of 2FA.
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What's a UDID? If you're involved in developing, testing, or even reviewing an iOS application that's in beta, then at some point you may need to know the UDID for any iOS devices that you'll be testing on. What's the UDID? It stands for Unique Dev…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question