The Carbon Black EDR server administrator must create a Unix application account to integrate with Carbon Black EDR.

Procedure

  1. Go to https://duo.com.
  2. Follow the prompts to create an account and activate the Duo Mobile application on your preferred device.
    Note:

    If you already have a Duo Mobile account, you can use this. You do not have to create a new account for the Carbon Black EDR-Duo plugin.

  3. When your account is active and you have activated the Duo Mobile application on your device, log in with your account at https://duo.com.
  4. Select Applications.
  5. Click Protect an Application.
  6. Select Unix Application and select Protect an Application.
  7. In the Name field, enter a name for the Unix application, such as "Carbon Black EDR Server".
  8. For Username normalization , select the choice that best represents your security posture. This setting is related to the field specified in the /etc/cb/plugins/duo/secrets.ini settings file for mapping Carbon Black EDR users to Duo users. See Map Carbon Black EDR Users to Duo Users.
  9. If the Duo Mobile application is setup for Simple normalization of the username, and Carbon Black EDR-Duo integration is configured for email, then only the name in the Carbon Black EDR user email field (the value before the “@” symbol) is used to match the Duo user.
    If password is setup for None and Carbon Black EDR-Duo integration is configured for email or username, then the entire string must match a Duo user account.
  10. Record ikey, skey, and host values from this protected Unix application to insert into the Duo integration configuration file.
  11. Click Save Changes.