The rapid proliferation of IoT (Internet of Things) and OT (Operational Technology) devices, especially in 5G wireless WAN environments, presents unique challenges for organizations striving to maintain robust security. These devices increasingly connect through cellular networks, and more organizations are looking to contractors and third parties to monitor and maintain these devices. Having secure remote access to these devices is key. What are companies currently using to attempt this?
1) Legacy VPNs – this method has been widely used for remote access. It requires a VPN client, which doesn’t really work for third parties. It also enables broad access once in the network, increasing the risk of lateral movement.
2) Static IP address from a carrier – this option may be suitable for internal access, but not for third-party access. This option also increases risk of breach as the IP address is easily found with a quick-to-download IP scanner, leaving the internal addressing scheme vulnerable.
3) ZTNA from another vendor – this provides zero trust network access but usually requires a client, specialized browser, or plug-in, so it is not ideal for third parties and contractors. Most do not isolate the interaction between the contractor and company apps, opening up the possibility of these apps being compromised by malware from unmanaged user devices. With only limited access controls, this option does not provide malware protection for the IoT/OT assets.
Enter NetCloud ZTNA - a cutting-edge clientless Zero Trust Network Access (ZTNA) solution designed to securely connect remote contractors, third parties, and BYOD (Bring Your Own Device) users to specific IoT/OT resources without the need for a client. Below is a comparison of the legacy connectivity and the new ZTNA options.
Secure Remote Access – Old vs New
Addressing Third-Party Cyber Risks
The urgency of protecting against third-party cyber incidents cannot be overstated. KPMG finds 73% of organizations have experienced at least one major disruption tied to third-party access over the past three years. NetCloud ZTNA, developed by Ericsson, incorporates embedded isolation technology to mitigate these risks. Unlike other clientless solutions that rely solely on access controls, NetCloud ZTNA initiates application sessions within isolated cloud containers. This effectively air-gaps corporate systems from potentially insecure devices, curbing malware propagation and ensuring data integrity.
Clientless Access for Seamless User Experience
NetCloud ZTNA distinguishes itself with its true clientless experience. Users interact with applications and resources through a portal hosted in an isolated cloud container, eliminating the need for enterprise browsers or browser plug-ins. This configuration enhances security and usability, allowing unmanaged and BYOD devices to securely connect while protecting critical systems.
Integration with Existing Infrastructure
Some organizations use large numbers of contractors needing specific access. In many cases, these contractors are temporary. One of the features of NetCloud ZTNA is its integration with existing identity management systems. By leveraging the organization's current Identity Provider (IdP), NetCloud ZTNA simplifies access management for transient users, including contractors and third parties. This approach streamlines authentication processes, reduces administrative overhead, and enhances security by enforcing consistent identity verification protocols.
Zero Trust Architecture at Its Core
NetCloud ZTNA is built on the principles of zero trust architecture, employing a default policy of "deny all" and granting access based on least privilege through granular access policies. This ensures that all interactions are scrutinized, minimizing the risk of unauthorized access and maintaining stringent security standards across the network.
Ideal for 5G Wireless WANs
The solution is uniquely suited for 5G wireless WANs where IoT and OT devices frequently connect through cellular networks. NetCloud ZTNA enables secure management and monitoring of these devices by third parties, ensuring that critical infrastructure remains protected and operationally efficient. For organizations already using Ericsson (Cradlepoint) wireless WANs, it is particularly simple as NetCloud Manager can configure, monitor, and manage the wireless WAN and integrated security functions, including NetCloud ZTNA. This unified platform simplifies operations, enabling IT administrators to create security policies consistently across all users and devices.
Technical Advantages of NetCloud ZTNA
True Clientless Experience: No enterprise browsers or plug-ins required, streamlining access for unmanaged users.
Embedded Isolation Technology: Activates application sessions in isolated cloud containers, air-gapping corporate systems from insecure devices.
Seamless Integration: Utilizes existing Identity Provider for efficient access management, simplifying transient user administration.
Zero Trust Architecture: Default policy of "deny all," ensuring least privilege through granular access policies.
Ideal for 5G Environments: Supports secure monitoring and management of IoT/OT devices through cellular networks.
Centralized Management: Manage access and security policies through the familiar NetCloud Manager interface.
Experience NetCloud ZTNA Today
NetCloud ZTNA is redefining clientless ZTNA solutions by offering unparalleled security, simplicity, and integration capabilities. Our solution empowers organizations to safely connect unmanaged remote users, while maintaining the user experience and protecting corporate systems.