Agent-based Zero Trust Network Access (ZTNA) Solution
Even if the pandemic ends, remote access environments such as telecommuting and flextime will become the new normal. Work environments that are independent of time and place have become common, and enterprise security threats have increased.
Cloudbric PAS (Private Access Solution) is an agent-based (endpoint-initiated) Zero Trust Network Access (ZTNA) solution with a Software Defined Perimeter (SDP).
Cloudbric PAS can be applied to end users as well as to multiple environments, such as network isolation of work networks or smart factory remote access. It hides critical information resources and secures corporate networks through a user-centric network design.
Secure network without external exposure
Cloudbric PAS secures the inside of the network and uses virtual IPs to avoid exposing real server connection information, protecting the corporate network from outside attacks such as DDoS. Connections over the public network use an encrypted channel, and mutual authentication between the user and the network provides enhanced security.
The session is connected only if the encryption key is verified and trusted. To eliminate the risk, switch the network to a black cloud where the attack surface cannot be detected externally.
Secured network connection
– Zero Trust based on the Allow list
– mTLS (Mutual TLS) communication for mutual authentication
Secure network visibility
– Establishing a security policy based on traffic analysis
– Detect unusual behavior
– Only authorized users can access through encrypted, dedicated tunnels to avoid customer environment exposure
– Authorize only if trusted with SPA (Single Packet Authorization)
Minimized access authority and strict identity authentication
Cloudbric PAS constantly doubts and questions users and devices based on multi-step access control. Under the strict principle of ‘Secure First, Then Connect’, it prevents external intrusion with thorough identity authentication, so that only authorized users can safely access applications.
It is dangerous for everyone to have the same access to all data. To protect sensitive data and reduce the risk of leakage, Cloudbric PAS provides a segmented security perimeter that allows users to have minimum access as needed and provides a separate security perimeter per individual application.
User access authority can be managed easily and conveniently through the user console.
Various identity authentication
– User identity verification with 2-Factor Authentication
– Additional verification with device identity authentication
Different authority policy by users
– Dedicated security policy by organization
– Customized authority policy by identity (User, Device)
Different authority policy
– User access authority based on the microsegmentation
– Provide subdivided security perimeter by application
Cloudbric PAS / Cloudbric RAS
Cloudbric PAS and Cloudbric RAS have the following differences depending on the purpose of use, but both support secure remote access based on Zero Trust Network Access (ZTNA).
| | Cloudbric PAS | Cloudbric RAS |
|---|---|---|
| Service | Endpoint initiated SDP service | Service initiated ZTNA service |
| | HTTP/HTTPS, RDP, SSH, VNC | HTTP/HTTPS |
| How to Apply | Agent installation | Change domain DNS |
| ZTNA | – Secured remote access environment through 2-Factor Authentication | – Secured remote access environment through 2-Factor Authentication |
| | – Prevent customer environment exposure through a dedicated tunneling and virtual IP authentication server | – Prevent customer network exposure by accessing through a dedicated authentication server |
| | – Enhanced security with continuous identity and access authority verification | – Access through a dedicated authentication server to avoid exposure to the customer’s environment |