The Carbon Black EDR server administrator must create a Unix application account to integrate with Carbon Black EDR.

Procedure

  1. Go to https://duo.com.
  2. Follow the prompts to create an account and activate the Duo Mobile application on your preferred device.
    Note:

    If you already have a Duo Mobile account, you can use this. You do not have to create a new account for the Carbon Black EDR-Duo plugin.

  3. When your account is active and you have activated the Duo Mobile application on your device, log in with your account at https://duo.com.
  4. Select Applications.
  5. Click Protect an Application.
  6. Scroll down to locate the Unix Application selection and click the Protect this Application link.
  7. Scroll to the Settings > General panel.
  8. In the Name field, enter a name for the Unix application, such as "Carbon Black EDR Server".
  9. For Username normalization , select the choice that best represents your security posture. This setting is related to the field specified in the /usr/share/cb/plugins/duo/secrets.ini settings file for mappingCarbon Black EDR users to Duo users. See See Map Carbon Black EDR Users to Duo Users.
  10. If the Duo Mobile application is setup for Simple normalization of the username, and Carbon Black EDR-Duo integration is configured for email, then only the name in the Carbon Black EDR user email field (the value before the “@” symbol) is used to match the Duo user.
    If password is setup for None and Carbon Black EDR-Duo integration is configured for email or username, then the entire string must match a Duo user account.
  11. Click Save Changes.