Configuring Cisco Duo

This article walks through the configuration of the Cisco Duo monitoring app.

NOTE This app is currently in private beta and is not generally available for all customers.

Overview

The Cisco Duo Monitoring App is designed to monitor log data for the MSP edition of Cisco Duo. It is designed to operate across all tenants within your Duo dashboard. This means that you will not have to authenticate the app to each customer within the RocketCyber console.

Requirement - To create an API Integration, the following steps can only be performed by a Cisco Duo user with an "Owner Role" permission.

How to Set Up

Log in to the RocketCyber SOC console, navigate to integrations and select MFA, then Cisco Duo. The 3 pieces of information needed for this integration are:

Your Duo Integration Key
Your Duo Secret Key
Your Duo API Hostname

Navigate the following steps:

> Applications
> Protect An Application
> search for “Admin API”
> click “Protect” and get the:
1. integration key
2. secret key
3. API hostname
Scroll Down and then
1. > give the API Integration a name like “RocketCyber SOC” and then
2. > select the “Grant Read Log” and “Grant Read Resource” permissions
Scroll down and click SAVE.
The final step is to copy the 3 elements and past them into the RocketCyber SOC console, then authenticate.

Congratulations, Cisco Duo is now configured and the RocketCyber SOC has insight into your MFA/SSO solution.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.