Update blog content: NIS2 MFA article (edits v.2)

piotr-bor · piotr-bor · commit fd9bb197ff35 · 2025-10-07T17:08:51.000+02:00
diff --git a/src/components/MfaDiagram.astro b/src/components/MfaDiagram.astro
@@ -0,0 +1,121 @@
+---
+// src/components/MfaDiagram.astro
+---
+<div class="diagram-container">
+  <div class="column">
+      <h3>Before: Password-Only Access</h3>
+      <div class="step">
+          <div class="icon"><i class="fa-solid fa-user"></i></div>
+          <div class="label">User</div>
+      </div>
+      <div class="arrow"><i class="fa-solid fa-arrow-down"></i></div>
+      <div class="step">
+          <div class="icon"><i class="fa-solid fa-key"></i></div>
+          <div class="label">Password</div>
+      </div>
+      <div class="arrow"><i class="fa-solid fa-arrow-down"></i></div>
+      <div class="step">
+          <div class="icon icon-insecure"><i class="fa-solid fa-shield-halved"></i></div>
+          <div class="label">Vulnerable Point</div>
+      </div>
+      <div class="arrow"><i class="fa-solid fa-arrow-down"></i></div>
+      <div class="step">
+          <div class="icon"><i class="fa-solid fa-server"></i></div>
+          <div class="label">Corporate Network</div>
+      </div>
+  </div>
+  <div class="column">
+      <h3>After: MFA-Secured Access</h3>
+      <div class="step">
+          <div class="icon"><i class="fa-solid fa-user"></i></div>
+          <div class="label">User</div>
+      </div>
+      <div class="arrow"><i class="fa-solid fa-arrow-down"></i></div>
+      <div class="step">
+          <div class="icon"><i class="fa-solid fa-key"></i></div>
+          <div class="label">Password</div>
+      </div>
+      <div class="arrow"><i class="fa-solid fa-arrow-down"></i></div>
+      <div class="step">
+          <div class="icon"><i class="fa-solid fa-mobile-screen-button"></i></div>
+          <div class="label">MFA Verification</div>
+      </div>
+      <div class="arrow"><i class="fa-solid fa-arrow-down"></i></div>
+      <div class="step">
+          <div class="icon icon-secure"><i class="fa-solid fa-shield"></i></div>
+          <div class="label">Security Layer</div>
+      </div>
+      <div class="arrow"><i class="fa-solid fa-arrow-down"></i></div>
+      <div class="step">
+          <div class="icon"><i class="fa-solid fa-server"></i></div>
+          <div class="label">Corporate Network</div>
+      </div>
+  </div>
+</div>
+
+<style>
+  /* Te style są automatycznie izolowane przez Astro! */
+  .diagram-container {
+      display: flex;
+      gap: 2em;
+      width: 100%;
+      max-width: 800px;
+      margin-top: 2rem;
+      margin-bottom: 2rem;
+  }
+
+  .column {
+      flex: 1;
+      display: flex;
+      flex-direction: column;
+      align-items: center;
+      background-color: #ffffff;
+      padding: 1.5em;
+      border-radius: 12px;
+      box-shadow: 0 4px 15px rgba(0, 0, 0, 0.08);
+      border: 1px solid #e0e0e0;
+  }
+
+  .column h3 {
+      margin-top: 0;
+      margin-bottom: 1.5em;
+      color: #333;
+      text-align: center;
+  }
+
+  .step {
+      text-align: center;
+  }
+
+  .icon {
+      font-size: 3em;
+      margin-bottom: 0.25em;
+  }
+
+  .arrow {
+      font-size: 1.5em;
+      color: #adb5bd;
+      margin: 0.5em 0;
+  }
+  
+  .label {
+      font-size: 0.9em;
+      color: #6c757d;
+      margin-top: 0.25em;
+  }
+
+  .icon-insecure {
+      color: #e74c3c; /* Red */
+  }
+
+  .icon-secure {
+      color: #2ecc71; /* Green */
+  }
+  
+  /* Responsive design for smaller screens */
+  @media (max-width: 768px) {
+      .diagram-container {
+          flex-direction: column;
+      }
+  }
+</style>
diff --git a/src/content/blog/mfa-wireguard-nis2-compliance.mdx b/src/content/blog/mfa-wireguard-nis2-compliance.mdx
@@ -6,7 +6,6 @@ author: "Piotr Borkowicz"
 image: "/images/blog/mfa-nis2-hero.jpg"
 ---
 
-import MfaDiagram from '../../components/MfaDiagram.astro';
 
 ![A central server connected securely to several computer terminals, representing a secure VPN network with MFA for NIS2 compliance.](/images/blog/mfa-nis2-hero.jpg)
 
@@ -33,7 +32,6 @@ Many organizations use VPNs (Virtual Private Networks) to allow employees remote
 
 As part of the NIS2 Directive, companies relying on VPN infrastructure to manage access to their network will be required to adopt MFA for VPN authentication. This ensures that even if VPN credentials are compromised, unauthorized access will still be difficult to achieve without additional factors, such as a biometric scan or a one-time passcode (OTP).
 
-<MfaDiagram />
 
 ## WireGuard: The Modern VPN That Needs MFA Support
 
@@ -114,10 +112,13 @@ With the NIS2 Directive pushing for stronger cybersecurity measures, adopting MF
 Solutions like Defguard make it easier than ever to integrate MFA into VPNs, while also offering identity management, SSO, and hardware key management. These added functionalities ensure organizations maintain the security, speed, and simplicity of their VPN while building a comprehensive, regulatory-compliant cybersecurity strategy. As cybersecurity continues to evolve, MFA and broader identity management capabilities will remain cornerstones of defense strategies, ensuring that even if credentials are compromised, access to critical systems remains secure.
 
 ---
-
+Piotr Borkowicz
+Technical Content Marketing Manager, Defguard
+piotr@defguard.net
+defguard.net
 
 <script type="application/ld+json" is:inline>
-{
+{`{
   "@context": "https://schema.org",
   "@type": "TechArticle",
   "mainEntityOfPage": {
@@ -126,49 +127,22 @@ Solutions like Defguard make it easier than ever to integrate MFA into VPNs, whi
   },
   "headline": "Adopting Multi-Factor Authentication (MFA) for WireGuard: A Path to Compliance with the NIS2 Directive",
   "description": "The NIS2 Directive mandates MFA for VPNs. Learn how to implement Multi-Factor Authentication on WireGuard with Defguard to ensure compliance and top-tier security.",
-  "image": "[PLACEHOLDER_URL_DO_GŁÓWNEJ_GRAFIKI_HERO]",
-  "author": {
-    "@type": "Person",
-    "name": "Piotr Borkowicz"
-  },
+  "image": "https://defguard.net/images/blog/Defguard-nis2-mfa/mfa-nis2-hero.jpg",
+  "author": { "@type": "Person", "name": "Piotr Borkowicz" },
   "publisher": {
     "@type": "Organization",
     "name": "Defguard",
-    "logo": {
-      "@type": "ImageObject",
-      "url": "[PLACEHOLDER_URL_DO_LOGO_TWOJEJ_FIRMY]"
-    }
+    "logo": { "@type": "ImageObject", "url": "https://defguard.net/svg/logo-full.svg" }
   },
   "datePublished": "2025-10-07",
   "dateModified": "2025-10-07",
   "mainEntity": {
     "@type": "FAQPage",
     "mainEntity": [
-      {
-        "@type": "Question",
-        "name": "Is WireGuard alone sufficient for NIS2 compliance?",
-        "acceptedAnswer": {
-          "@type": "Answer",
-          "text": "No. The base WireGuard protocol does not include a native MFA mechanism, which is a key technical requirement for access control under the NIS2 Directive."
-        }
-      },
-      {
-        "@type": "Question",
-        "name": "What MFA methods does Defguard support for WireGuard?",
-        "acceptedAnswer": {
-          "@type": "Answer",
-          "text": "Defguard supports a wide range of methods, including Time-based One-Time Passwords (TOTP), push notifications, biometrics, and FIDO2 hardware keys like YubiKey."
-        }
-      },
-      {
-        "@type": "Question",
-        "name": "How is Defguard different from other MFA solutions?",
-        "acceptedAnswer": {
-          "@type": "Answer",
-          "text": "Defguard is an integrated, open-source platform that combines MFA with Identity Management (IdP), SSO, and WireGuard configuration management in a single tool."
-        }
-      }
+      { "@type": "Question", "name": "Is WireGuard alone sufficient for NIS2 compliance?", "acceptedAnswer": { "@type": "Answer", "text": "No. The base WireGuard protocol does not include a native MFA mechanism, which is a key technical requirement for access control under the NIS2 Directive." } },
+      { "@type": "Question", "name": "What MFA methods does Defguard support for WireGuard?", "acceptedAnswer": { "@type": "Answer", "text": "Defguard supports a wide range of methods, including Time-based One-Time Passwords (TOTP), push notifications, biometrics, and FIDO2 hardware keys like YubiKey." } },
+      { "@type": "Question", "name": "How is Defguard different from other MFA solutions?", "acceptedAnswer": { "@type": "Answer", "text": "Defguard is an integrated, open-source platform that combines MFA with Identity Management (IdP), SSO, and WireGuard configuration management in a single tool." } }
     ]
   }
-}
+}`}
 </script>
