Cisco Duo

Configure the Cisco Duo data connector.

In this guide, you will create integration keys in Cisco Duo to pull authentication telemetry. This telemetry identifies successful and failed multi-factor authentication attempts.

At the end of this configuration, you will provide Radiant Security with the following values:

  • API Hostname

  • Integration Key

  • Secret Key

Prerequisites

Generate the integration keys

  1. Log in to the Duo Admin Panel as an Owner.

  2. Click Applications on the left sidebar.

  3. Click Protect an Application and locate the entry for Admin API.

  1. Click Protect to get the integration key, secret key and API hostname.

  1. Document and store the Integration key, Secret key, and the API hostname before proceeding to the next step.

  2. Select the Grant read log permission.

  3. Click Save.

Important note: Be sure to document and store the key values carefully, as it cannot be retrieved later and can present a security risk if used in an unauthorized fashion.

Add the data connector in Radiant Security

  1. Log in to Radiant Security.

  2. From the navigation menu, select Settings > Data Connector and click + Add Connector.

  3. Search for and select the Cisco Duo option and then click Data Feeds.

  4. Under Select your data feeds, select Cisco Duo and click Credentials.

  5. Under Credential Name, give the credential an identifiable name (e.g. Duo-Credentials).

  6. Under Required Credentials, add the following that you copied from the previous section:

    • API hostname

    • Secret key

    • Integration key

  7. Click Add Connector.

Important note: The domain should be in the following format (without https://): api-XXXXXXXX.duosecurity.com

PreviousCisco ASA (syslog)NextCisco FTD (syslog)

Last updated