HPE Community
Networking
1825050 Members
3276 Online
109678 Solutions
New Article ๎ฅ‚
 
Subscribe to RSS Feed
|
NetworkExperts

The risk of VPN

โ€Ž01-16-2024 09:11 AM

_AdobeStock_532602299_800_0_72_RGB.jpg

Zero Trust is not a single technology or architecture, but a set of principles to help you improve your business security posture. Minimizing the network attack surface should be the first item on your Zero Trust journey. The goal is to protect your most valuable digital assets, such as customers and employee data, mission critical applications that play a central role in your business, and infrastructure used to support the day-to-day work of employees.

Remote work, even post-pandemic, is expected to continue growing. Traditionally, companies relied on virtual private networks (VPN) to secure access to internal network resources. However, VPN is no longer good enough to secure remote work. For instance, VPN gives remote employees full network access to corporate resources when they login. The lack of verification and unrestricted access could be exploited by a hacker to steal a wealth of sensitive data. As a result, VPN solutions undermine the principle of Zero Trust. A Zero Trust model calls for users to be given only access to the data and resources they need to do their work, and nothing more. This is where HPE Aruba Networking ZTNA (Zero Trust Network Access) excels.

HPE Aruba Networking ZTNA ensures secure access to all applications and business tools employees need, no matter where they connect from. Our ZTNA solution replaces the VPN appliances with a lightweight software called a connector. The connector provides access to your private applications regardless of where they are located, on-prem or the public cloud. The connector reduces the attack surface by publishing your business applications only to HPE Aruba Networking SSE (Security Service Edge), not the public Internet. Moreover, the connector only requires outbound connections to HPE Aruba Networking SSE, so there is no need for the IT admin to open inbound firewall ports to the connector.

So, how does our ZTNA solution work? When a remote employee requests access to an application via an agent or user portal (agentless), HPE Aruba Networking SSE mediates and terminates that initial user request. In our solution, there is no passthrough connections allowed to your private applications. HPE Aruba Networking SSE will also validate the userโ€™s identity and based on the policy, connect them securely to applications without granting access to the corporate network. At a granular level, users only have access to the applications needed to do their work, which is key to successfully implement Zero Trust.

HPE Aruba Networking consolidates many SSE (Security Service Edge) capabilities, such as Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Digital Experience Monitoring (DEM) into a single admin console. Our ZTNA solution is a modern platform, easy to configure and manage, that provides far better protection than legacy VPN solutions.

To learn more about the risk of using VPN and how you can to accelerate your Zero Trust journey with HPE Aruba Networking, please check out my lightboard video.

_MicrosoftTeams-image-7-1024x576.jpg

Other resources:

Unified SASE webpage

What is SSE?

Zero Trust Security webpage

 

About the Author

nils-headshot.jpgNils Lau

Sales Engineer, Hewlett Packard Enterprise

Nils Lau, Ph.D. is a highly skilled and experienced Sales Engineer with a strong background in presales activities, specializing in SASE technologies at HPE Aruba Networking. He leverages his in-depth knowledge and hands-on experience with SASE technologies to articulate product capabilities, features, and benefits to clients. In his spare time, he enjoys working out, reading, and playing with his kids.

Labels:
0 Kudos
About the Author

NetworkExperts

Top Kudoed Authors Last 30 Days
Author
Kudos
Shannon_Byrne Avatar
Shannon_Byrne
10
NetworkExperts Avatar
NetworkExperts
4
rayanfakhro Avatar
rayanfakhro
1
View all
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.