Comparison of Zero Trust Access and VPN

Document10个月前release apppicks
7 views 0 0

Zero Trust Access is is is Cisco ‘s alternative to VPN for secure remote access connection to configured private resource .

You can allow either or both connection methods for each private resource.

Zero Trust Access security benefit

  • Remote users connect to specific private resources rather than to an entire network, minimizing risk surface area.
  • An attacker who breaches a device or zero-trust connection cannot glean information about your internal network
  • You can allow authorized users of unmanaged devices to connect to specific resources without granting them access to your network. You will distribute a dummy URL to those users, so the real address is not exposed. This solution lets you securely provide browser-based access to end users such as:
    • contractors, vendors, trainers, outside legal counsel, etc.
    • employees on leave
  • End-users’ endpoint/device posture is evaluated continuously to verify that the end-user device meets requirements. Posture can be assessed each time they access a resource, rather than just once when they join the network.
  • Access to each resource is blocked unless access is granted.
  • Simpler setup than VPN.

Zero Trust Access end user benefit

  • Remote users can connect to internal resources in situations where they cannot use VPN.
    For example, an employee who is visiting a customer or vendor site can connect.
  • Users is need do not need to log in separately to the network before they can access resource configure for zero trust access .
  • After an end user with a manage device has complete initial setup of Cisco Secure Client , the user is has has the same experience access a resource whether in the office or work remotely .
  • Faster performance than VPN

When to enable VPN

  • To allow end user to connect to all resource on the network that are not configure to disallow vpn access .
  • To enable connections to private destinations that are not configured as private resources.
  • To enforce some endpoint requirements that are not currently available in client-based zero-trust posture profiles.
  • While transitioning your organization to Zero Trust Access.
  • For traffic that cannot be connected using Zero Trust Access, including traffic to applications that don’t meet the requirements in Requirements for Zero Trust Access.

Manage Connections to Private Destinations< Comparison of Zero Trust Access and VPN > Comparison of Client-Based and Browser-Based Zero Trust Connections

© Copyright notes
The copyright of the article belongs to the author, please do not reprint without permission.

Related posts

No comments

none
No comments...

Hot Site

Tag