As cloud architecture spelled an end to the “walled fortress” security model, the rapid transition to a remote workforce has accelerated the demise of perimeter defenses.
Organizations have been forced to rethink their approach to network access, and reimagine the fundamentals of user management, endpoint security, and access control. This demands transitioning away from a technology that until recently has been a fixture — the virtual private network (VPN). A crucial first step in resecuring modern hybrid work environments is to embrace the principles of Zero Trust Network Access (ZTNA).
The Zero Trust Security model trusts nothing and no one by default—including users inside the network perimeter. Threats exist internally as well as externally, and every user, device and network must be assumed to be hostile until proven otherwise.
Analyst firm Gartner adds that in today’s enterprise, there are too many entry points to fully protect and therefore, an effective security stance must protect the assets on the network rather than the network itself. Every device, user, and network connection needs to be authenticated and authorized, continuously. ZTNA is designed to provide access to resources on a least-privileged basis, derived from pre-established identity- and context-based criteria.
A Trio of Notable Trends
Three dominant IT trends have required CIOs and CSOs to examine their existing network and security tools:
- SaaS apps and cloud migration blurred the network perimeter, exposing inadequacies of traditional VPN and firewall solutions, forcing organizations to search for alternative solutions.
- Digital transformation and hybrid deployment models, combined with work-from-anywhere and bring-your-own-device (BYOD) policies, helped improve productivity, but often at the cost of security. A lack of visibility and access controls resulted in siloed operations across NetOps, SecOps, and ITOps.
- The rise of ransomware-as-a-service (RaaS) required CIOs and CSOs to bolster their security with a prevention-first strategy to protect endpoints, networks, and data.
The initial response to these trends was a myriad of security and network tools – some old and some new – including endpoint protection platforms (EPP), endpoint detection and response (EDR), network detection and response (NDR), secure web gateway (SWG), cloud access security broker (CASB), next-generation firewall, content filtering, and more. Individually, these tools have been inefficient and less effective due to the multi-vendor nature of solution deployment. Additionally, the inadequacies of traditional VPNs drove the pursuit of a more holistic ZTNA, where ZTNA-as-a-service consolidates several network and security tools into a single, comprehensive solution.
BlackBerry's Unique Approach to ZTNA
When implemented holistically, ZTNA is a deterrent against ransomware, command-and-control (C2) beacons, privilege escalation, and data exfiltration. It significantly reduces the attack surface while empowering organizations with support for secure, remote access via bring-your-own endpoints.
This further reduces the surface area for attack, preventing lateral movement and unwanted application discovery, and providing greater visibility into network activity for both on-premises (on-prem) and cloud resources.
BlackBerry believes in a multi-tenant, cloud-native approach to ZTNA, to provide modern enterprises with a fast, reliable and elastic solution that empowers digital business transformation. Furthermore, it must be designed to reduce packet loss, jitter, and latency, while optimizing application access globally, meeting the needs of your workforce, wherever they may be.
Finally, it should be coupled with world-class artificial intelligence (AI) driven cybersecurity solutions that support a prevention-first strategy.
To meet these criteria, BlackBerry designed its CylanceGATEWAY™ product as an AI-assisted ZTNA solution that delivers scalable, outbound-only access to critical on-premises applications and assets. As we continue to update CylanceGATEWAY, we’d like to explore how we have evolved along this journey to produce what we believe to be the best-in-class ZTNA product on the market.
ZTNA for All
The goal of CylanceGATEWAY has been to make ZTNA easy, available, and affordable to companies of all sizes, from large global enterprises to small businesses and mid-market organizations. As part of our broader extended detection and response (XDR) strategy, CylanceGATEWAY is a key component in our mission to even the playing field across our client base, making the level of security achievable by the largest and savviest companies equally available to all our clients, regardless of size.
To accomplish these goals, we built a cloud-native, ZTNA-as-a-service solution that leverages multiple telemetry points to secure networks and resources, while enabling access to enterprise services – whether SaaS or on-premises – from any managed or unmanaged device. It provides the flexibility to secure network connectivity on a just-in-time and least-privileged basis.
CylanceGATEWAY extends our innovative Access Control List (ACL) framework, first released in 2021, to give network admins the ability to define action (allow/disallow), access (destination), and association (user/risk). Other recent enhancements include:
- DNS tunneling detection support
- Destination reputation threat detection support
- Client private IP range allocation
- Enhancements to Syslog/SIEM
- Per-app tunnel support on Windows®
- Force Network Protection Mode on macOS® and iOS®
- Gateway Connector enhancements
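
The ACL model described above (an action, a destination, and a user/risk association) can be sketched as a rule evaluator in which access depends on identity and current risk, not network location. This is an added illustration, not CylanceGATEWAY's rule format or code; the `Rule` fields, risk levels, first-match ordering, default-deny fallback, group names and addresses are all assumptions.

```python
import ipaddress
from dataclasses import dataclass

RISK = {"low": 0, "medium": 1, "high": 2}  # assumed ordering of risk levels

@dataclass(frozen=True)
class Rule:
    action: str        # "allow" or "disallow"
    destination: str   # CIDR block, or hostname ("*.suffix" wildcard allowed)
    groups: frozenset  # user groups the rule applies to; empty means any user
    max_risk: str      # rule applies only while user risk <= this level

def dest_matches(pattern, dest):
    """Match an IP against a CIDR, or a hostname against an exact/wildcard name."""
    try:
        net = ipaddress.ip_network(pattern, strict=False)
    except ValueError:
        net = None  # pattern is a hostname, not a CIDR
    if net is not None:
        try:
            return ipaddress.ip_address(dest) in net
        except ValueError:
            return False  # a hostname never matches a CIDR rule
    pattern, dest = pattern.lower(), dest.lower().rstrip(".")
    if pattern.startswith("*."):
        return dest.endswith(pattern[1:])  # keeps the leading dot
    return dest == pattern

def evaluate(rules, user_groups, risk, dest):
    """Assumed semantics: first matching rule wins; no match means disallow."""
    for i, r in enumerate(rules):
        if r.groups and not (r.groups & set(user_groups)):
            continue  # association: user is not in the rule's groups
        if RISK[risk] > RISK[r.max_risk]:
            continue  # association: user is currently too risky for this rule
        if dest_matches(r.destination, dest):
            return r.action, i
    return "disallow", None  # default deny (least privilege)

# Constructed sample policy (hypothetical groups, hosts and addresses).
POLICY = [
    Rule("disallow", "10.20.0.0/24", frozenset(), "high"),  # admin subnet
    Rule("allow", "10.20.0.0/16", frozenset({"engineering"}), "medium"),
    Rule("allow", "*.wiki.example.internal", frozenset(), "low"),
]
```

Calling `evaluate` again whenever a user's risk level changes is what turns a one-time login check into continuous authorization: the same user and destination can move from allow to disallow without any rule being edited.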