惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Full Disclosure
博客园 - 三生石上(FineUI控件)
MyScale Blog
MyScale Blog
Apple Machine Learning Research
Apple Machine Learning Research
L
LINUX DO - 最新话题
T
The Blog of Author Tim Ferriss
P
Proofpoint News Feed
宝玉的分享
宝玉的分享
小众软件
小众软件
Hugging Face - Blog
Hugging Face - Blog
GbyAI
GbyAI
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
V
Visual Studio Blog
爱范儿
爱范儿
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
博客园_首页
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
月光博客
月光博客
博客园 - 叶小钗
D
Docker
H
Hackread – Cybersecurity News, Data Breaches, AI and More
T
Tailwind CSS Blog
D
DataBreaches.Net
酷 壳 – CoolShell
酷 壳 – CoolShell
B
Blog RSS Feed
量子位
美团技术团队
Vercel News
Vercel News
Y
Y Combinator Blog
IT之家
IT之家
Martin Fowler
Martin Fowler
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
S
SegmentFault 最新的问题
腾讯CDC
Recent Announcements
Recent Announcements
Google DeepMind News
Google DeepMind News
罗磊的独立博客
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
G
Google Developers Blog
Microsoft Azure Blog
Microsoft Azure Blog
The Register - Security
The Register - Security
博客园 - 司徒正美
N
Netflix TechBlog - Medium
S
Schneier on Security
博客园 - 聂微东
U
Unit 42
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
雷峰网
雷峰网
Latest news
Latest news

The Duo Blog

Duo + PlainID: Dynamic Authorization Meets Enterprise Identity | Cisco Duo Continuous identity security explained | Cisco Duo Salesforce The modern MFA toolkit: push, biometrics, and security keys | Cisco Duo Cisco Duo Identity Summit Preview | Cisco Duo Duo Brings Identity and Authorization Across AI Agent Gateways | Cisco Duo Passwordless for Microsoft 365 starts with federation Custom Admin Roles: Granular control for every Duo admin Token theft, vendor abuse, and the new identity threat surface How Duo Directory automates user lifecycle management Cisco Systems Named a Customers’ Choice in Gartner Peer Insights™ 2026 Voice of the Customer for Access Management Identity provider resilience: backup and split IdP approaches | Cisco Duo Agentic AI Security: Three Threats Your Team Should Know | Cisco Duo Secure client access at scale with Duo and Meraki | Cisco Duo IdP Concentration Risk: Why Single-IdP Dependency Puts You at Risk | Cisco Duo Endpoint Management as an Attack Vector: Lessons from Stryker | Cisco Duo Passwordless authentication without cookies: Duo Push updates Introducing Duo Agentic Identity Solving the double prompt: Better UX with AMR in Duo SSO Simplify compliance with MFA, device trust, and policies Cisco Systems Named a Customers’ Choice in Gartner® Peer Insights™ 2026 Voice of the Customer for User Authentication Why identity-led security matters for MSPs right now The Hitchhiker’s Guide to Shibboleth Launching Active Directory Defense: Strengthen On-Prem AD Security | Duo Security Industry specific IAM for MSPs Duo delivers: 99.99% uptime SLA for every customer Cisco Secures 125K user identities with Duo while advancing passwordless journey NIST AAL2/3 compliance with Duo Mobile Proximity Verification From protocol to practice: Secure the AI agent ecosystem with Duo How to secure the holidays & prep your 2026 IAM strategy Simplify MSP technician authentication with Duo Delegated Access Standing out in a crowded MSP market Securing for third-party risk with Duo for identity management Thwarting adversary-in-the-middle attacks with Proximity Verification OAuth 2.0's next chapter: Enabling the AI security revolution
The dawn of a simpler, helpful policy experience
anneuhof@cisco.com (Andrea Neuhoff) · 2025-11-13 · via The Duo Blog

Product & Engineering

Headshot of Andrea Neuhoff, Senior Lead Product Designer

Andrea Neuhoff

3 minute read

A key way to get the most out of Duo and the biggest return on your investment is to use Duo’s policy engine to customize the security experience and provide granular access to applications and resources.

It’s been 10 years since Duo first released its policy engine. Over time, we have added 18 different kinds of policy rules that help keep our customers ahead of new security needs. However, more options meant we needed to improve the administrative experience in a simple, easy-to-understand way.

We’re excited to share that we’ve refreshed the entire policy creation experience, making it easier to use and now providing useful decision-making information as-you-go. Best of all, the new policy editor stays true to the familiar Duo interface. No need to learn a new UI.

Familiar, with quality-of-life upgrades

The general layout of the policy editor should feel familiar, but the new experience makes it easier to find links to documentation, understand which devices will be affected by the policy, and learn of important dependencies.

For every kind of rule you can create, Duo now shows the information you want to know to be confident in your choices. For example, say you want to set up a rule about authorized networks requiring certain IPs to authenticate every time. The new policy editor surfaces a warning about how this will affect other rules in the policy.

Built-in recommendations

The policy editor now includes recommendations and explanations for each type of rule. You’ll learn what they protect against and what Duo recommends. These sections can be found below configuration.

The strength of an authentication method is a key consideration when selecting which methods are allowed. Duo now provides helpful information during the selection process. For example, it’s recommended to only allow phishing-resistant methods for privileged users. These are directly highlighted when setting the policy.

Data visualizations add context to impact (coming soon)

We know not everyone is able to easily access or visualize the effect of new policy in their environments—so we’re doing it for you.

The new policy editor now has data about your Duo environment. Each data visualization directly relates to the granular choices you can make when setting policy.

For example, in the operating systems section, you’ll be able to see how many Windows and Mac computers are accessing your protected applications and if they are up to date or out of date.

If you are looking at which authentications to allow, you will be able to see how many users and authentications have used that method in the last 30 days and predict the impact of the policy.

We’re adding data like this to four kinds of policy initially: user location, operating systems, risk-based factor selection, and authentication methods.

Ultimately, we want to make navigating Duo policy as simple as possible for administrators. We’d love to hear what you think of the data. Which sections would you like to see us build next? And what data do you really need to create the best policy for your business?

Get started with the New Policy Engine today! See a full list of improvements in the policy documentation.