The mass transition to remote work and the development of public cloud services force us to look for new approaches to ensuring IT security. Every day, a huge number of unknown devices and applications access the network. This leads to the realization that no one inside or outside the network can be trusted. Under these conditions, the concept of zero trust (Zero Trust Access) is the most effective model of network security. The principle of zero trust, based on the authentication of users and devices, and not on their position relative to the network, provides reliable protection of the organization's resources and business continuity. UserGate provides users with simple and secure remote access to corporate networks and resources using the Zero Trust Network Access model. We have all the necessary solutions to control and track users and devices on the network and beyond.
What is ZTNA?
Zero Trust Network Access is an extension of the zero trust concept (Zero Trust Access), which allows you to implement access control to applications and services. The ZTNA concept guarantees secure access for identified and verified users to authorized resources in the company's network environment.
The ZTNA concept is implemented within the UserGate SUMMA security product ecosystem with no need to purchase any additional licenses. Transparent integration of UserGate NGFW, UserGate Log Analyzer, UserGate Management Center, and UserGate Client products, as well as various modules, security features and subscriptions, allows you to provide the components necessary to implement ZTNA.
Components of UserGate ZTNA Implementation
User Authentication and Identification
UserGate technologies allow you to transparently identify users, wherever they are. Each action of your employee will be logged and each user will be uniquely identified.
Device Verification
The concept of Network Access Control (NAC) allows you to define compliance policies for a trusted device. Based on these policies, the UserGate SUMMA ecosystem decides whether a device is admitted to the network and how privileges are determined.
Application Identification
UserGate's next-generation firewall technologies allow you to identify the applications in use in network traffic, which allows you to create granular access policies.
Security Zones
Segmentation is a critical element in implementing secure access to an organization's network resources. Using UserGate, you can segment the network and set up relationships between segments.
Monitoring and Analysis
Using UserGate Log Analyzer and UserGate Management Center included in UserGate SUMMA, you can continuously monitor the existing protection system and modify security and access policies.
Main Features of UserGate Related to ZTNA
Flexible Implementation
You can install as many independent components of the UserGate SUMMA security ecosystem as you need and in any network segment. Transparent integration of products with each other allows you to combine them into a common mechanism, regardless of their location.
Granular Security Policies
The set of products and technologies used by UserGate makes it possible to implement a granular access policy, operating with objects at the level of a specific user and a specific application.
Verification
UserGate SUMMA allows you to check the characteristics of connected devices and grant access only to those devices that meet the requirements.
Applications of UserGate Related to ZTNA
Protection Regardless of the Perimeter
Now you can get access to corporate resources of the organization literally from anywhere – from a cafe, airport or from home. The "perimeter" of the organization has moved from gateway devices to almost any device. Protecting a company's network resources and its business assets in an era without a network perimeter while maintaining access for employees is a key business task of information security.
Distributed Assets
Services and business applications are now located everywhere – in the corporate data center, in public and private clouds, purchased as a service from third-party manufacturers. Providing secure and transparent user access to these assets means making business processes available and continuous.
Risk Mitigation
The zero trust concept can significantly reduce the risks of unauthorized access to applications, services and processed information – this is the key task of information security.
