EDR: Does the Duo Service Fail Open or Fail Close?
search cancel

EDR: Does the Duo Service Fail Open or Fail Close?

book

Article ID: 286840

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Does the Duo two-factor authentication service fail open or fail close?

Environment

  • EDR Server: All versions

Resolution

The Duo service fails closed.  If Dou communication is not available, the EDR servers require local access.

Additional Information

  • If the Duo service is not available, local access to the EDR server allows the service to be temporarily disabled by commenting the cb.conf variable TwoFactorAuthCallbackModulePath and restarting services. 
Powered by Wolken Software