ISA Release Notes June 2021
This Article serves as the Release Notes for the ISA Windows Integrated MFA feature incorporated in the InstaSafe Secure Access (ISA) solution.
Why this feature was introduced
Two Factor Authentication was required with Always ON ISA connection. However, Two Factor Authentication was not available for Always ON due to its non-interactive mode as OTP worked only in interactive mode. This feature implements the ISA Two Factor Authentication during the login to Windows.
How this feature works
- When User logs into his windows machine, along with username/password, he will be asked for an OTP. Only after the OTP authentication is successful, ISA will get connected
- When User logs into his windows machine in offline/flight mode, he will not be asked for OTP. In this case, ISA will not get connected
- User will not be asked OTP for 8 hours (business day) once first time OTP authentication is successful
- User will not be asked OTP in case his profile on the InstaSafe Console is not configured for Two-Factor Authentication
- When the user unlocks his machine from sleep mode, he will not be asked for OTP if he has successfully entered OTP earlier in less than 8 hours. (This feature has been provided currently as part of the 8hr window of no-OTP prompts)
- All attempts to login to the windows machine will be logged on the InstaSafe Console. OTP failures and success will be logged under event logs
Prerequisites and Configuration required
- ISA Agent should be installed prior to the InstaSafe Authenticator setup.
- The username on the Windows machine should also exist on the InstaSafe Console with same name for Two Factor Authentication.
- ISA Always ON mode is required to get started automatically by the credential provider.
- “Extended Validation for Certs” mode should be enabled for the company. (please contact InstaSafe Support for getting it Enabled)
- Authentication Type should be set to “Certificate” for User/User Group. (refer Screenshot below)
- Two Factor Authentication should be enabled for User/User Group. (refer Screenshot below)
Related Articles
ISA Release Notes April 2019
Bug Fixes “No Object exists” message is displayed while listing Users, UserGroups, Application Group, Access Rules in InstaSafe console. This issue is fixed with latest software roll out to InstaSafe Cloud Not able to login via InstaSafe agent, if ...ISA Release Notes Jan 2020
Bug Fixes Report Subscriptions & Email Report Scheduler: Email Bug fixed & Now you can automatically send reports to Admins & sub-admin users by custom scheduling the desired logs and reports daily, weekly or monthly. Once the Report scheduler is ...MacOS ISA App Connection Error "This computer is not approved for use with InstaSafe Secure Access"
This Article highlights the steps to be taken in case users are unable to connect the ISA App on macOS and the error message received is "This computer is not approved for use with InstaSafe Secure Access" Issue The ISA App on MacOS doesn't connect ...ISA Windows Integrated MFA
This Article serves as a Whitepaper for the ISA Windows Integrated MFA feature Introduction A User in InstaSafe Secure Access (ISA) with Authentication Type set to ‘Certificate’ would not be prompted by the ISA App for credential verification and ...ISA App Log File
The ISA App, once successfully installed and configured, generates Connection Logs that could be extremely helpful in troubleshooting issues that may crop up. Depending on the device OS, the Log File location is as follows: Locating the ISA App Log ...