Product Line: VERDE
The long awaited feature is available: Mutli-Factor Authentication (MFA).
This article describes the VERDE MFA feature and its installation.
MFA is enabled in Desktop Policy settings. This provides the administrator with the flexibility to determine which desktops should be protected by MFA. For example, the VERDE system may have a Gold Image that is used as a Kiosk browser. This type of desktop may not require MFA protection. Other desktops that include access to sensitive apps or data can be selected to be protected by MFA.
Active Directory integration is implicitly supported.
MFA is applicable to both VDI and Remote Access desktops.
The first time a user attempts to access a desktop with MFA protection they must use the Google Authenticator mobile app to scan a QR code. This establishes the MFA configuration for that user in the VERDE system.
This same MFA configuration is used for any other MFA protected desktop – i.e., the QR code scanning step is one-time only.
The VERDE Cluster Master database manages the list of user profiles that have enabled MFA.
The VERDE Management Console includes a UI to allow the administrator to view and remove MFA for specific users. This may be required if a user loses or replaces their mobile device. The administrator must remove the MFA configuration for that user. This will allow the user to authenticate their new mobile device using Google Authenticator.
MFA has been implemented in two VERDE software clients:
• VERDE Software Client
• Korean VERDE Software Client
Both clients share the same MFA configuration. i.e., if MFA is setup using the VERDE Software Client then the Korean VERDE Software Client will be aware of that configuration. There is no requirement to scan the QR code setup separately in both clients.
Setting up MFA for a Desktop
VERDE Software Client Flow
Korean VERDE Software Client Flow
Managing MFA User Configurations
Google Authenticator – iOS Version