Set Up Two-Factor Authentication

If you require strong authentication to protect sensitive assets or comply with regulatory requirements, such as PCI, SOX, or HIPAA, configure GlobalProtect to use an authentication service that uses a two-factor authentication scheme. A two-factor authentication scheme requires two things: something the end user knows (such as a PIN or password) and something the end user has (a hardware or software token/OTP, smart card, or certificate). You can also enable two-factor authentication using a combination of external authentication services, and client and certificate profiles.
The following topics provide examples on how to set up two-factor authentication on GlobalProtect:

Related Documentation