EXTENDING MULTI-FACTOR AUTHENTICATION TO ANY SENSITIVE SYSTEM

 

Silverfort enables Multi-Factor Authentication (MFA) for any sensitive system, including those that couldn’t be protected until today, without requiring any agents or proxies.

In many organizations, the use of homegrown and 3rd party systems, that are not supported by mainstream MFA solutions, creates significant security and compliance challenges. Unlike mainstream MFA solutions that are implemented system-by-system using software agents, proxies and code changes, Silverfort takes a holistic approach towards secure authentication.

 

MFA Enablement for Any Sensitive System, including “Unprotectable” Systems

Silverfort’s Next-Generation Authentication Platform introduces innovative agentless MFA technology that can seamlessly enforce MFA for any sensitive system, across corporate, industrial and cloud environments, without deploying any software agents or proxies and without requiring any integration with individual systems. Silverfort leverages native features of existing IAM infrastructure and authentication protocols (such as LDAP/S, Kerberos, NTLM, OpenID Connect, RADIUS, etc.), to seamlessly monitor network traffic for all access requests and enforce secure authentication policies as needed.

Silverfort enables customers to protect any sensitive asset, including ones that couldn’t be protected previously:

  • Homegrown and legacy systems
  • IT infrastructure – hypervisors, DCs and network devices
  • RDP/SSH access to sensitive servers and endpoints
  • Financial systems such as SWIFT, payment processing and wealth management
  • Cardholder Data Environment (CDE) including all PCI DSS related servers
  • Healthcare systems including EMR, PACS and medical equipment
  • Cloud infrastructure (IaaS), SaaS and Web apps
  • File shares and Databases
  • Admin access including command-line tools and PAM (eliminates the need to provide an OTP for each session)
  • Business-critical applications such as CRM and ERP
  • IoT Devices and SCADA servers
  • and more

The Only MFA Solution That Can’t be bypassed

While mainstream MFA solutions protect only specific server interfaces such as RDP or SSH, attackers often use other access tools which allow them to effectively bypass MFA. Such tools include Remote PowerShell, PsExec, Remote Computer Management, file share access and more. These interfaces are also used by hacking tools like Mimikatz to perform lateral movement (for example, using Pass-the-Hash). Silverfort’s innovative technology protects any kind of access, no matter which interface or access tool is used.

Already Have an MFA Solution? Silverfort Can Extend Your Existing MFA to Any Of These Use Cases!

Silverfort offers its own line of MFA options providing a great combination of security and usability. Alternatively, Silverfort can extend any MFA product that is already in use by the organization, to enforce secure authentication on systems that aren’t supported today – without having to enroll new MFA tokens to end-users. Silverfort’s ability to bridge between any MFA method and any system allows our customers to improve both security and usability in a cost-effective manner.
Learn more about Silverfort Partners.

 

Unparalleled Flexibility, Usability and Cost Reduction

  • Complete Flexibility: Silverfort provides a layer of “abstraction” which separates the MFA method or product in use from the way they are being enforced across the network. This allows organizations to easily protect new systems, migrate assets to the cloud, and replace MFA methods in a centralized manner when needed.
  • Improved User Experience: Choose your preferred MFA methods and use them across all systems and environments, whether they support these methods natively or not, for a consistent user experience. Another dramatic improvement is achieved by reducing the frequency of MFA requests with adaptive policies, using Silverfort’s AI-driven risk engine
  • Reduced Costs: Remove redundant MFA solutions that are used for narrow use cases and enforce a single MFA platform across all systems and environments, to save unnecessary expenses. Minimize deployment and maintenance costs thanks to Silverfort’s agentless MFA technology.

 

“Silverfort enabled us to comply with PCI DSS requirements by easily incorporating MFA to systems we couldn’t previously protect. It saved us a lot of time and resources by avoiding any modifications to our systems.”

Michael Rubenchuk  

VP of IT Operations and Infrastructure  

MORE RESOURCES: