In the rush to provide secure access to remote workers, enterprises are finding legacy VPNs (virtual private networks) are not fit for purpose, as their flawed trust models leave them open to all kinds of attacks.

Zero Trust Network Access (ZTNA) is the new normal for securely accessing today's cloud and hybrid infrastructures and

Wandera's Private Access (WPA) cloud service has a simple philosophy - trust no one. It ensures only authorised users can access business applications, and allows organisations to create software-defined network perimeters that surround and protect all corporate resources on premises, in data centres and the cloud.

Wandera takes a mobile-first approach; but, along with support for iOS and Android, WPA has Windows 10 and macOS devices on its guest list. A key differentiator with legacy VPNs is WPA provides secure access to applications and not the network, thus blocking infiltration and lateral movement by hackers.

WPA creates connections up to four times faster than legacy VPNs by employing a non-IPsec protocol, which uses single-packet authorisation in the cloud. This fast micro-tunnel activation provides seamless transitions between mobile and wireless networks for remote users on the move.

WPA integrates tightly with existing identity providers (IdPs) and has Microsoft Azure AD at the top of the list. It also works with many others, including Okta, OneLogin, IBM, Centrify and Ping Identity.

Deployment is a cinch as, from the Private Access administrative console, we defined Microsoft Azure as our IdP. After providing our Microsoft 365 credentials, WPA grabbed our Tenant ID and we were ready to go - it's that simple.

Client deployment is equally easy, as users installed the iOS app on their mobiles, signed in with their Microsoft 365 credentials and a secure tunnel was created in seconds. Likewise with our Windows 10 clients as, after installing the agent, they logged in using their Microsoft accounts and again we were ready to go.

Wandera's admin console presents a wealth of information on users, global data usage, overall security ratings, the top countries devices connect from and much more. It provides quick access for sending enrolment links to users and creating activation profiles, which can integrate with existing UEM (unified endpoint management) solutions.

WPA provisions policy-based access controls to SaaS apps in the public cloud and enterprise apps hosted privately. Policies are easy to create, as we selected Microsoft 365, Box, Dropbox and GSuite from the predefined list and requested that all access to these services should be encrypted and routed through the nearest Wandera data centre.

From our user's perspective, there is nothing to see, because the process is completely transparent. They continued to access their business apps as normal, with the client handling tunnel creation and encryption in the background.

Along with blocking users from accessing specific web site categories and applying data usage limits, you can assign risk-aware security policies. Wandera's MI:RIAM (Mobile Intelligence: Real Time Insights and Analyst Machine) engine comes into play here, as it uses the data gathered by advanced machine learning techniques to determine if users are at risk from compromised apps, web content or devices and automatically blocks access.

Provisioning safe remote access in these challenging times needn't be a headache for enterprises, as Wandera's Private Access provides an elegantly simple, yet highly secure, ZTNA solution. We found it remarkably easy to deploy, as it doesn't require new certificates, accounts or IT workflows to be created and its light touch on end user devices ensures they get the best possible experience.

Product: Private Access
Supplier: Wandera
Web site: www.wandera.com
Tel: +44 (0) 203 301 2660
Sales: sales@wandera.com