Hed Kovetz
Jan 22, 2019

Simplify and Strengthen Authentication to CyberArk with Silverfort’s Agentless MFA

We are proud to announce Silverfort’s integration with CyberArk. The joint Silverfort and CyberArk Privileged Access Security Solution enables our joint customers to simplify and secure privileged access with an agentless MFA platform.

Since the solution has been made available on the CyberArk Marketplace, many customers have expressed their interest and overall market response has been very positive.

“Silverfort’s Agentless MFA solution provides out-of-the-box protection for the CyberArk Privileged Access Security Solution,” says Silverfort’s CEO Hed Kovetz. “Not only does it enable our customers to easily strengthen secure access, it also simplifies user workflows delivering tremendous value to our customers.”

Why are customers so excited about the offering?

Customers are excited about Silverfort’s MFA offering because it enables them to:

  • Strengthen authentication into the CyberArk Privileged Access Security Solution with an agentless MFA solution that does not require cumbersome integrations, modifications to CyberArk, or changes to user workflows.
  • Simplify secure privileged access and reduce administrative connection time to the CyberArk Privileged Session Manager for Windows with a single authentication that does not require Time-based One-time Password (TOTP) tokens and eliminates the need to wait for One-time Passwords (OTP) to expire between sessions.
  • User-friendly 2nd authentication factor: Silverfort’s mobile app provides push notifications allowing users to easily authenticate and continue to work. Silverfort’s browser notifications or third-party tokens can be used as alternatives.
  • Get a comprehensive audit trail, informative dashboards with insights and investigative drill-down capabilities.
  • Reduce MFA deployment time, resource investment and maintenance costs.

Simplifying Secure Access and Reducing Connection Time to Multiple Sessions with Agentless MFA

Protecting privileged access to sensitive systems and resources is critical to organizations. If privileged accounts, credentials or secrets become compromised, an adversary may gain unfettered access to the organization’s crown jewels. This is why CyberArk recommends enforcing MFA for its solution.

Silverfort provides a single 2nd authentication factor to the CyberArk Privileged Access Security Solution, including Privileged Session Manager (including the RDP and SSH Proxies). Once implemented, users no longer need to use Radius-OTP based pin codes in order to authenticate to each session. Instead, Silverfort’s mobile app provides push notifications, which are a user-friendly 2nd authentication factor. Silverfort’s browser notifications or third-party tokens can be used as alternatives.

Figure 1 Validating the user identity via Silverfort’s Mobile App before granting access to CyberArk

Silverfort’s unique ability to provide MFA to Microsoft Single Sign-On and Active Directory based authentication, enables Silverfort to bring frictionless MFA to CyberArk users. It eliminates the need to wait for OTPs to expire between sessions and greatly simplifies secure administrative access to multiple sessions improving the administrative user’s experience.

Strengthening Authentication Without Any Agents, Proxies or Changes to CyberArk

Silverfort’s agentless MFA delivers seamless strong authentication to the CyberArk Privileged Access Security Solution without requiring agents or changes to user endpoints or servers, without inline proxies and without any changes to CyberArk.

Unlike traditional MFA solutions that typically require agents or complex integrations and are often challenging to implement for the RDP Proxy, Silverfort’s agentless non-intrusive approach is easy to implement.

The agentless architecture minimizes implementation time and maintenance costs. Setting up the required authentication policies in Silverfort’s Management Console takes only minutes and does not require any changes on CyberArk’s side.

Seamless Non-Intrusive Deployment Architecture

The Silverfort Authentication Platform is delivered as a virtual appliance. It does not require any software agents or local configurations on corporate endpoints and servers, or any changes to existing CyberArk configurations. Silverfort monitors all user authentication requests for accessing the CyberArk Privileged Access Security Solution and requires users to confirm their identity according to the authentication policies.
Silverfort’s web-based admin console enables security admins to easily apply strong authentication policies across the organization, identify authentication vulnerabilities, and achieve broad visibility and auditing of authentication and access activity.

Why wait any longer?
Contact us today to schedule a pilot in your organization.