
Secure remote employee access with Zero-Trust NAC Portnox CLEAR.

News | 09.04.2020

Summary

Portnox CLEAR adds a layer of security for remote users connecting via VPN. It provides:

  • multifactor authentication - preventing the use of stolen VPN credentials;
  • access device authentication;
  • verification and analysis of settings and security parameters of remote devices - to prevent access of vulnerable / compromised devices to the network.

Free Use Period – 3 months

Type of Solution – cloud + endpoint agents

Supported OS – Windows, Linux, Android, MacOS/iOS

Agents – available free of charge from the manufacturer’s market / website. They can be installed by users on their own.

Additional software / hardware – not required.

More information: Work At Home https://softprom.com/en/workathome

https://www.portnox.com/blog/zero-trust-cloud-nac-enables-secure-remote-...

The world is changing, and so are the threats

Congratulations, we all suddenly found ourselves in a world where remote work has become the norm, and in many cases, even a duty. According to various estimates, 50% of employees are already working remotely.

Given the “emergency-coercive” nature of this transformation, it is not surprising that most enterprises had no opportunity to prepare for it properly, evaluate all the risks and take adequate measures to manage them. The majority found themselves in the classic situation where IT issues (providing access for remote employees) and security issues (how to do this really safely) came to the foreground. As a result, the traditional "perimeters", already blurred by cloud solutions and BYOD, were completely destroyed. Welcome to the nightmare of any system administrator: hundreds or even thousands of users with remote access to the corporate network from uncontrolled or personal devices.

VPN is just the beginning

Traditionally, when we need to give remote access, we do it through a VPN. This is fine as long as we remember that a VPN is not a panacea: it is no more than a means of authentication and of setting up a secure communication channel "between Bob and Alice."

Problem №1 – VPN access data can be stolen and used by an attacker.

Problem №2 – a VPN tells us nothing about the state of the devices we allow onto our network, their settings or their security status.

Problem №3 – we cannot use VPN methods to prohibit the connection of vulnerable, insecure devices. A user with valid credentials can connect from a compromised personal device, with all the ensuing sad consequences.

Solution - zero-trust NAC over VPN

Portnox CLEAR is a cloud-based SaaS solution for monitoring and access control. It analyzes each device, calculates a security rating for it (similar to a credit rating) and applies access policies according to the result. Portnox CLEAR is deployed in conjunction with VPN solutions and supports many authentication schemes (Active Directory / OpenLDAP), 2FA and client device risk assessment.

Additional Authentication Factor

The main disadvantage of all existing two-factor authentication methods is that they do not take into account the device from which the access attempt is made. Portnox CLEAR provides device authentication using its own agent, AgentP. This makes it possible to build multi-level VPN authentication that checks not only the user's "secrets" but also the device itself. Thus, even if the credentials for VPN access are stolen, it will be impossible to use them on another device. Portnox supports two 2FA models.

OTP 2FA

The agent on an end device that has passed the domain binding procedure serves as a soft token using the HMAC-based OTP (HOTP) algorithm. It generates an OTP on demand and, together with the check of user credentials, allows reliable authentication of both the user and the device when connecting remotely to the network.
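
The HOTP scheme named above (RFC 4226), sketched as an added example that is not Portnox code: it shows why a stolen VPN password alone fails without the secret held on the enrolled device, and how a server can tolerate counter drift while rejecting replayed codes. `DeviceRecord`, `verify_login`, the look-ahead window of 3 and the sample secret are assumptions; the page does not describe how AgentP stores or synchronises its counter.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of last byte selects a 4-byte slice
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class DeviceRecord:
    """Server-side state for one enrolled device (hypothetical structure)."""

    def __init__(self, secret: bytes, counter: int = 0):
        self.secret = secret      # shared with the agent at enrolment
        self.counter = counter    # next counter value the server expects


def verify_login(password_ok: bool, record: DeviceRecord, otp: str,
                 window: int = 3) -> bool:
    """Require both factors; tolerate a small counter drift; block replay."""
    if not password_ok:
        return False
    for c in range(record.counter, record.counter + window + 1):
        if hmac.compare_digest(hotp(record.secret, c), otp):
            record.counter = c + 1  # codes at or below c are now dead
            return True
    return False


def demo() -> dict:
    # Constructed sample: the RFC 4226 test secret stands in for a device key.
    record = DeviceRecord(b"12345678901234567890")
    device_code = hotp(record.secret, 2)  # agent is two codes ahead of server
    return {
        "enrolled_device": verify_login(True, record, device_code),
        "replayed_code": verify_login(True, record, device_code),
        "stolen_password_only": verify_login(True, record, "000000"),
        "counter_after": record.counter,
    }


if __name__ == "__main__":
    print(demo())
```
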

AgentP 2FA

This model implements a feedback mechanism based on the fact that each agent installation is unique and tied to a specific device and user. When a user tries to establish a VPN connection, the CLEAR server contacts the device attached to this user and performs additional verification of the device itself.

In addition to strong user and device authentication, Portnox CLEAR provides the following additional benefits:

  • Constant monitoring of devices (laptop, PC, Android / iOS phones / tablets) that connect via VPN to the corporate network. 
  • Monitoring and analysis of many indicators related to information security and their changes (OS, patches, status of antivirus, databases, updates, DLP agents, firewall, etc.).
  • Analysis and correlation of multiple contextual indicators and historical data.
  • Calculation of risk indicators of connected devices and making decisions on access based on them.

Article author: Alexey Lozikov, Softprom Business Development Manager.