VPNs Aren’t Going Away, But They Are Rapidly Evolving

VPNs Aren’t Going Away, But They Are Rapidly Evolving
VPNs, or Virtual Private Networks, have been around for a long time. VPN may mean different things for different folks. A VPN may be the hub and spoke model that was augmented by other technologies from MPLS to SD-WAN. Hub and spoke VPNs still exist. When the concept of Secure Remote Access comes up, VPN will commonly come to mind. This remote access may be a full layer 3 tunnel, which is not exceedingly secure because there is too much implicit trust, or it may be a browser-based, single application session, which is more secure. Today’s VPNs need to be as secure as possible, thus Zero Trust was born.
/ Enterprise access security has been redefined by “Bring Your Own Device” (BYOD), Mobility, and Cloud Services

IT organizations continue to rely on their virtual private network (VPN) investments to address everyday business challenges that include securely connecting third-party workers, self-service transaction-based endpoints, high-volume branch sites, and business continuity.

But now, they need to adapt their access strategies to address new challenges. Mobile devices are creating new risks and opportunities. At the same time, data breaches are becoming commonplace.

With Pulse Connect Secure (PCS), enterprises today can enable Zero Trust secure access to hybrid IT resources for an increasingly mobile workforce:

  • Web access, using PCS to access corporate resources from any location using any web-enabled device such as a laptop, smartphone, or tablet
  • Per-app access where any mobile app access is supported without modification, app wrapping, or SDK
  • Always-on access where a VPN is automatically established based regardless of user setting
  • Simultaneous tunneling providing multiple VPN connections without disconnecting any active connection.
  • Split-tunneling that sends control data to a VPN server, and on authorization, then securely connecting to a cloud application.
Gartner recently published the “Market Guide for Zero Trust Network Access”. There are a few key points in this guide that help explain the evolution to Zero Trust.
/ Removing excessive implicit trust
This applies to all types of access – physical, local, and remote.  For example, accessing any and all applications when you’re on-premises shows how implicit trust can be granted with little thought or consideration. Recently, a customer told me that his management team believed that since someone is in the building, they must somehow be more trustworthy than someone outside. Excessive implicit trust lays the groundwork for attack opportunities, providing hackers with the entry points they need to access sensitive data. A network security practitioner should always consider all possible scenarios in order to remove any implied trust.
/ Being context-based
Context is important when trying to understand what’s happening. A stranger starting my car when it’s in the garage and the keys are in my pocket may cause me to panic. A “stranger” driving my car away, when I’m at the dealership for an oil change may be perfectly normal. Network and application access solutions must learn to be aware of context and must be able to take appropriate action. This context might include information about the user, the device, the gateway, and/or the application. This context will also include how all of these interact with each other during certain times of the day, day of the week, or based on user location. Once context is understood, appropriate, automated, and adaptive action is needed to help secure the network, data, applications, and/or services as soon as possible.
Vendors like Pulse Secure have been working with customers, partners, and analysts for years to be ahead of the attack curve. Our evolution from access to secure access to zero trust network access has been unfolding, developing, and improving since inception, which is why we continue to be trusted leaders in this space.
PulseSecure partner in Middle East (UAE & Iraq)
Pulse Secure: Secure Access for the next generation
Pulse Secure - Secure Access
/ About Pulse Secure
Pulse Secure provides easy, comprehensive software-driven Secure Access solutions that provide visibility and seamless, protected connectivity between users, devices, things, and services. Our suites uniquely integrate cloud, mobile, application, and network access to enable hybrid IT in a Zero Trust world. Today, more than 80% of the Fortune 500 and over 20,000 enterprises (and 18M end-points) and service providers across every vertical entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance.
Cyber Code Technologies is proud to partner with Pulse Secure to deliver Secure Access Solutions to its clients in Middle East, we've recently provided Secure Access solution to one of our clients in Iraq, please contact us for any Secure Access requirement.

Connect

Stay On The Loop

Subscribe to our news letter to get the lattest Yoga news