Get MFA-protected endpoints with ADSelfService Plus
- Secure your organizational endpoints like machines, VPNs, OWAs, RDPs, and any RADIUS or IIS-based network endpoints with adaptive MFA.
- Choose from 19 different authentication methods for your users to verify their identities with.
- Enable conditional access with conditions like the user's location, IP address, time of access, and device used.
- Configure different MFA flows for users based on their OU, group, and domain memberships.
Salient features of the Endpoint MFA Add-on
MFA for machine logons
Protect logons to Windows, Mac, and Linux workstations and servers with adaptive MFA, which is triggered based on the user account during logon.Learn more
Safeguard logons to critical machines with adaptive MFA, which is triggered based on the device's policy settings, irrespective of the user logging in to the machine.Learn more
MFA for VPN
Fortify VPN connections to your organization's networks and other network endpoints that use RADIUS with adaptive MFA.Learn more
MFA for OWA
Guard OWA, exchange admin center (EAC), and other IIS web application logons with adaptive MFA.Learn more
Endpoint MFA Add-on in action
Here's how user-based Windows logon MFA works
- Users logging in to Windows machines first prove their identities using their AD domain credentials.
- Next, they authenticate themselves using a time-sensitive authentication code sent via SMS or email, biometrics, or through a third-party authentication provider.
- Depending on the administrator's configurations, they may need to authenticate themselves through one or more methods.
- Finally, users log in to their Windows machines once they have successfully authenticated themselves.
Better resilience and reputation
Keep attackers from exploiting your endpoints and earn a good security repute for your company.
Enhanced user experience
Use different authentication methods for users with different privileges by configuring MFA techniques based on their OU, group, and domain memberships.
Benefits of securing your endpoints using ADSelfService Plus
How to enable MFA for your endpoints with ADSelfService Plus
How to enable MFA for machine logons
To enable MFA for machine logons you need to install ADSelfService Plus' login agent for Windows, macOS, and Linux.View guide
How to enable MFA for OWA
With ADSelfService Plus, you can enable MFA for OWA and Exchange Admin Center logons.View guide
How to enable device-based MFA for your machines
Device-based or machine-based MFA protects business-critical machines by mandating MFA for every user who logs on to the device.View guide
How to enable MFA for RDP
ADSelfService Plus allows for RDP MFA to be configured in two ways, namely RDP server authentication and RDP client authentication.View guide