OpenVPN Solutions

Enforce Zero Trust Access

Cloud networks and a mobile workforce are integral to today’s business operations. But these bring with them modern security challenges that demand a layered approach for protection. That approach should include Zero Trust Access: never trust, always verify.

Challenges

An advanced network implements Zero Trust Access as part of its security posture. You need to ensure that your organization doesn’t associate trust with networks — trust must be established with every connection, every time.

Perimeter security is obsolete
Today's business communication can have many access points, and only maintaining security at the network perimeter isn't good enough. How can you go beyond the firewall to protect from hacks and attacks?

Managing lateral movement
A good security policy starts with Zero Trust Access, but how do you keep from exposing the entire network after a user connects with the VPN?

Unifying access authentication
For each network connection, you need to map access to allowed resources, but various authentication and identity systems can make this difficult.

Protecting users from malicious sites
Users can unknowingly pose a big risk. Part of a prevention plan includes stopping those clicks in phishing emails from turning into malware or ransomware.

OpenVPN Solutions for Enforcing Zero Trust Access

Enforcing Zero Trust Access is an important layer of a good business security plan. You can configure this with OpenVPN Access Server.

Zero Trust with Access Server

  • Never trust based solely on the network perimeter. Define identity-driven policies within the Admin Web UI. Then, enforce VPN use in order to access app resources. Isolate those resources such that they can only be accessed through VPN clients, regardless of LAN or remote access.
  • Set up strong identity authentication. With Access Server you can integrate with Google Authenticator as well as LDAP/RADIUS/Active Directory, or IDaaS providers such as JumpCloud.
  • Define access controls based on user groups. Create these access control lists (ACLs) so that each group can reach only the resources its members need for their work.
  • Map roles and departments to ACLs and enforce those at the network level. Our VPN solution works with centralized identity directories.
  • Finally, maintain strict control over allowed internet destinations to protect users from unknowingly becoming a risk. Route all client internet traffic through the VPN and then through an external security appliance to enforce destination policies and protect against phishing sites and malware installations.

Results

  • Access Control Lists
  • Multi-factor Authentication
  • Zero Trust is Enabled

Deploy a fully-featured business VPN Solution with two free connections.
Available for Red Hat Enterprise Linux, CentOS, Ubuntu, or Debian directly from our official repository. Download as a virtual appliance, or launch from a public cloud provider like AWS.

Enforcing Zero Trust Access is an important layer of a good business security plan. OpenVPN Cloud can be configured to enforce zero trust at the group level.

  • Never trust based solely on the network perimeter. Define identity-driven policies in the OpenVPN Cloud administrator portal. Then, enforce VPN use in order to access app resources. Isolate those resources such that they can only be accessed through VPN clients, regardless of LAN or remote access.
  • You can prevent lateral movement on your network by setting up strong identity authentication and network-level authorization for access to private services. OpenVPN Cloud provides its own Connect Auth feature that you can use to enforce authentication on every connection attempt. OpenVPN Cloud also integrates with leading SAML identity provider platforms. Your identity authentication policies are further bolstered through group-level access control.
  • You can enforce a policy that ensures network resources can only be accessed by users when they are authenticated with a VPN connection. You can map roles or departments to a group access list, and authorization is enforced at the network level.
  • Should you need to prevent intentional and unintentional internet misuse on your network and devices, you can enforce narrowly defined access to public destinations using domain names. With OpenVPN Cloud, you can allow access to only authorized internet destinations to lock down access on specific devices, in sensitive departments, or to provide strong protection against malicious links and online threats.

Results

  • Group Access Control
  • OpenVPN Cloud 2FA
  • Internet Destination Policies
  • SAML Security

Connect to OpenVPN Cloud with three free concurrent connections.