A walled garden, in internet terms, “... is an environment that controls the user's access to network-based content and services.” A walled garden is used to keep users from exploring outside the walls and to protect against malware, phishing, and other cyber threats. According to TechTarget, “Although a walled garden does not always prevent users from navigating outside the walls, it often makes it more difficult than staying within the environment.”
Other examples of a walled garden environment are:
- Apple App Store and Google Play Store
- Social media sites
- Collaboration platforms (e.g., Microsoft Teams, Slack)
- MarTech platforms (e.g., Google, Facebook, Apple, Amazon)
In these cases, the walled garden allows site operators to keep users on their platforms for as long as possible while protecting them from harmful content beyond the walls.
Restricted Internet Access, a new OpenVPN Cloud feature, taps into the walled garden concept to:
- Improve productivity and security
- Help people focus on what’s most important
- Mitigate risk to your network
Read on to learn how Administrators can have complete control over what users and devices access on the internet.
The Need for Internet Restrictions
With the growth of remote and hybrid workforces, employees are working outside the company firewall. They’re using public and home WiFi for internet connections. This, combined with unrestricted access, makes them prime targets for hackers. They’re also accessing apps, social media, and other internet content that isn’t work related. You can block websites on a case-by-case basis, but rather than playing whack-a-mole with threats and bad actors, OpenVPN Cloud lets you build an impenetrable wall around your network by:
- Restricting access to authorized, trusted internet destinations only, reached over a continuously encrypted tunnel, and blocking all other internet traffic.
- Defining and enforcing internet access policies for users.
- Protecting devices and your network from breaches by enforcing restricted internet access.
Recommended Reading: Traffic to private resources on your connected networks always traverses the tunnel to OpenVPN Cloud, but there are different ways (Restricted Internet, Split Tunneling) to control the traffic bound for the internet. Visit Internet Access Settings and Security Levels for details on built-in security solutions and interaction with Internet Access settings, as well as security levels for internet routing.
Create a Walled Garden With Content and Services from Trusted Domain Names
One use case for Restricted Internet Access is use-specific devices. Administrators can allow the device to access trusted sites only and block access to everything else on the internet. For example, a PC used for employee time tracking should have its access limited to the Microsoft OS update site and the timekeeping app. Without internet restrictions, the device can be used to access web pages that expose it, and the network it’s on, to cyber threats.
To curtail threats, admins can configure the public domain names, or public IP address ranges, of the timekeeping and OS update services as routes to the Internet Gateway network. This, combined with configuring Restricted Internet for the device, blocks all internet access other than the configured services. The result is that 1) the computer has safe access to necessary internet services, 2) internet connection abuse is prevented by locking down its allowable internet access, and 3) the risk of the device being infected by malware and other cyber threats is eliminated.
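The default-deny allowlist described above can be modelled as a short audit script. This is an added example, not OpenVPN Cloud code or configuration; the domain names, the IP range, and the rule that a listed domain also covers its subdomains are assumptions made for illustration.

```python
import ipaddress

# Constructed allowlist for the time-tracking PC; placeholder names and ranges,
# not real service endpoints and not OpenVPN Cloud settings.
ALLOWED_DOMAINS = {"timekeeping.example.com", "update.example.net"}
ALLOWED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]


def normalize(host):
    """Lower-case and drop the trailing dot so 'EXAMPLE.COM.' matches 'example.com'."""
    return host.strip().lower().rstrip(".")


def is_allowed(dest):
    """Return True only if dest (hostname or IP literal) is inside the walled garden."""
    host = normalize(dest)
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        return any(ip in net for net in ALLOWED_RANGES)
    # Assumption: a listed domain covers its subdomains. Matching on a label
    # boundary ("." + domain) keeps look-alike names out of the allowlist.
    return any(host == d or host.endswith("." + d) for d in ALLOWED_DOMAINS)


def audit(destinations):
    """Split destinations into (allowed, blocked); anything unmatched is blocked."""
    allowed, blocked = [], []
    for dest in destinations:
        (allowed if is_allowed(dest) else blocked).append(dest)
    return allowed, blocked


# Constructed sample of destinations a device might request.
OBSERVED = [
    "timekeeping.example.com",
    "api.timekeeping.example.com",
    "TIMEKEEPING.EXAMPLE.COM.",
    "eviltimekeeping.example.com",            # shares a suffix, not a subdomain
    "timekeeping.example.com.lookalike.test",  # allowed name used as a prefix
    "203.0.113.25",
    "198.51.100.7",
]

if __name__ == "__main__":
    ok, denied = audit(OBSERVED)
    print("allowed:", ok)
    print("blocked:", denied)
```

Running the same check over a device's DNS or connection logs shows which requested destinations fall outside the configured routes.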
For more examples of use cases that may be relevant to your business or industry, check out our solutions page: Restricted Internet Access: Balance Convenience and Security.
Additional Protection With Cyber Shield
Included with OpenVPN Cloud at no extra cost, Cyber Shield is an easy-to-use, customizable IDS/IPS that can be used along with Restricted Internet to add defense in depth.
Secure Virtualized Networking With OpenVPN Cloud
The OpenVPN Cloud network as a service (NaaS) solution combines the strengths of a VPN, ZTNA, SD-WAN, and SASE security. This enables secure, virtualized connectivity between employees, devices (IoT/IIoT), and networks of small to midsize organizations, as well as for branch offices of large enterprises.