14 Jun Achieve ”ZERO TRUST” with Sophos
Sophos, global leader in cybersecurity, is known for its easy-to-use cybersecurity solutions. User-friendly, innovative and with a large portfolio: Sophos can help with any problem.
Trust. A beautiful word, but very dangerous in IT security; especially when that trust is unqualified or unquestioned. Time and again, the classic network, where we trust everything within the network and sealed its perimeter with a firewall, has been proven to be flawed.
The branch office of 1
Over the last few years, there has been a transformation in how people work. Users work remotely from untrusted networks that may or may not be secure. With the use of SaaS apps, cloud platforms and services, much of our data is outside the company. Everything is everywhere.
From a networking perspective, each user has now become an branch office of 1. Most organizations now have hundreds or thousands of branch offices of 1 person. With that comes challenge – the challenge of connecting, securing, on-boarding and de-boarding all these individuals.
Remote Access VPN: users are ”on the network”
When a user uses a VPN to enter the corporate network in order to gain access to apps and tools they need, they are ”on the network” and have full access AND all the trust that comes with it.
The individual user at home is trusted. Home networks generally do not have the same level of security as corporate networks, and that suits attackers trying to extort companies with ransomware.
So what is Zero-Trust really?
Well, it’s really just a different model of trust than that of the classic network perimeter we’ve been looking at. In a zero-trust world, No-one and no thing is automatically or implicitly trusted, be it inside or outside of the corporate network, even the network itself.
Each device, user and resource becomes it’s own micro-perimeter and only allows access once trust is verified and validated by multiple sources. But even then, it’s only temporary – it can be revoked at any time.
ZTNA (Zero Trust Network Access) provides much better security. Instead of being implicitly trusted like with VPN, you and your device have to earn trust constantly. Device health is part of the policy and if your device becomes compromised, it can be cutoff until it’s cleaned up. In addition, another fundamental difference is that ZTNA only connects a user to a very specific application or system. NOT the whole network.
The benefits of Sophos ZTNA
With ZTNA, you can give users secure access to business applications or data. Unlike VPN, you can get more security and visibility with Zero Trust than the traditional remote access solution via SSL VPN or IPsec. You don’t need a Sophos endpoint or firewall, but with Synchronized Security you get even more.
Zero Trust – No Implicit Trust
- Each user/device/app is its own perimeter
- Micro-segmentation of applications
Device Health
- Control access based on device compliance and health
Works Anywhere
- On the network or off
Transparent Connectivity
- Frictionless ”just works” experience
- Making it easier for end-users
Better Visibility
- Insights into app access, status, capacity, licensing
Easier Administration
- Leaner, cleaner solution
- Quickly stand-up new apps and enroll users
Sophos ZTNA licensing
- Sophos ZTNA is licensed simply by the number of users.
- Sophos ZTNA gateways are free to deploy as many as you need.
- Sophos Central management is included at no extra charge.
- Sophos ZTNA works better together with Sophos Intercept X and Sophos Firewall (but also works perfectly alongside any endpoint or firewall product)
Want to know more or get a free trial?
No Comments