Lösungen > VPN Alternative
Remote Access VPNs sind lästig
Zscaler hat eine Alternative entwickelt.
VPN is a mismatch for cloud adoption and mobile users
Thirty years ago, the corporate network was relatively simple. Security consisted of protecting applications inside the network and building a secure perimeter around them.
But then things changed. Applications began moving to the cloud, a network the enterprise does not control. Users expect to seamlessly work off-network and from any device, anywhere. Remote access VPNs worked well in the network-centric world, but in the age of cloud and mobility, where there are virtual perimeters around the user, device, and application, they lack applicability.
Zero Trust Network Access (ZTNA) is the ideal VPN alternative
Today, private application access is shifting away from network-centric approaches to a user and apps centric one. This has led to the increased popularity of “zero trust” and the adoption of zero trust network access (ZTNA) services. Also known as software-defined perimeters (SDPs), ZTNA enables secure access to private applications by establishing connectivity from user-to-application based on a dynamic identity- and context-aware basis.
ZTNA is different to VPN in these 3 main ways:
Zscaler Private Access: A VPN alternative that delivers a zero trust model
Zscaler Private Access (ZPA) is a cloud-delivered, zero trust network access (ZTNA) service that provides secure access to all private applications, without the need for a remote access VPN. ZPA delivers a zero trust model by using the Zscaler security cloud to deliver scalable remote and local access to enterprise apps while never placing users on the network. ZPA uses micro-encrypted TLS tunnels and cloud-enforced business policies to create a secure segment of one between an authorized user and a specific named application. ZPA’s unique service-initiated architecture where App Connector connect outbound to the Zscaler broker makes both the network and applications invisible to the internet, creating an isolated environment around each application rather than the network. This eliminates lateral movement and opportunity for ransomware spreads.
1. Zscaler Enforcement Node
- Hosted in cloud
- Used for authentication
- Customizable by admins
- Brokers a secure connection between the Z-App and App Connector
2. Zscaler App
- Mobile client installed on devices
- Requests access to an app
3. App Connector
- Sits in front of apps in the datacenter, Azure, AWS, and other public cloud services
- Provides inside-out TLS 1.2 connections to broker
- Makes apps invisible to prevent DDoS attacks
The benefits of ZTNA as a VPN alternative
DECOUPLED APP ACCESS FROM NETWORK ACCESS
MICRO-SEGMENTED ACCESS TO PRIVATE APPS
SIMPLIFIED MANAGEMENT AND REDUCED COSTS
TriMedX, a Healthcare Technology Management organization replaced their VPN with ZTNA and discovered the benefits of ZPA.
See how Aster Group UK replaced its remote access VPN and enabled seamless, secure application access for both internal and third-party users with ZTNA.
Suggested Resources
