23-May-24

Design Goals

Designing a zero-trust remote access solution involves several key goals aimed at enhancing security, flexibility, and user experience. To accomplish this, the following key items must be implemented:

  • Ensure Strong Authentication: The solution must prioritize strict access controls to ensure that only authorized users and devices can connect to the correct network resources. This means implementing strong authentication mechanisms such as multi-factor authentication (MFA) to verify the identity of users and devices.

  • Adopt Least-Privileged Access: The solution should adopt a least-privileged access model, where users are granted only the minimum level of access necessary to perform their tasks. This reduces the risk of insider threats and limits the potential damage that can be caused by compromised accounts.

  • Ensure Scalability: The solution should be designed for scalability to accommodate a growing number of remote users and devices. This may involve deploying cloud-based infrastructure that can allocate resources dynamically based on demand, as well as implementing automated provisioning and deprovisioning processes to streamline access management.

  • Ensure Seamless User Experience: The solution should provide a seamless and intuitive interface for accessing network resources remotely. This may involve implementing single sign-on (SSO) capabilities to reduce the number of credentials users need to manage and/or integrating with existing identity and access management (IAM) systems to ensure a consistent user experience across different applications and platforms.

  • Secure Visibility: The solution should incorporate continuous monitoring and threat detection capabilities to detect and respond to suspicious activities in real time. This may involve implementing network segmentation to isolate sensitive resources from potentially compromised devices and deploying intrusion detection and prevention systems (IDPS) to identify and block malicious traffic.

Overall, the design goals for a zero-trust remote access solution should revolve around enhancing security, scalability, user experience, and threat detection capabilities to meet the evolving needs of modern remote work environments.

Customer Use Case

Customers with distributed workforces have an increasing demand for access to their applications, whether they are hosted in the datacenter or in the cloud.

IT teams responsible for managing distributed networks are facing staff reductions, even as organizations significantly increase network capabilities and reduce implementation times. Busy IT departments must improve service levels, reduce costs, manage an increasing workload and shift spending from capital expense to operating expense.

This guide discusses the following use cases:

  • Remote employees using corporate-owned assets with an endpoint agent
  • Third-party contractors accessing corporate resources via a web portal
  • Administration of IoT/OT environments by third parties
  • Securing Internet access for remote employees