Set Up Two-Factor Authentication
Set up two-factor authentication in GlobalProtect using different methods such as
certificates, authentication profiles, one-time passwords, smart cards, and software token
applications.
If you require strong authentication to protect sensitive
assets or comply with regulatory requirements, such as PCI, SOX,
or HIPAA, configure GlobalProtect to use an authentication service
that uses a two-factor authentication scheme. A two-factor authentication
scheme requires two things: something the end user knows (such as
a PIN or password) and something the end user has (a hardware or
software token/OTP, smart card, or certificate). You can also enable two-factor
authentication using a combination of external authentication services, and
client and certificate profiles.
The following topics provide examples on how to set up two-factor
authentication on GlobalProtect: