Pleasanton, USA: OpenVPN has introduced device identity verification and enforcement (DIVE) on CloudConnexa, its cloud-based solution, formerly known as OpenVPN Cloud. This new feature will take customers’ ZTNA structure to the next level, the company said.
With the rapid growth of remote and hybrid workforces, providing secure access from a mix of BYOD and corporate-owned devices has become a critical component of Zero Trust Network Access (ZTNA). DIVE on CloudConnexa gives administrators the power to leverage one of the key principles of ZTNA — least privilege — granting access only to the resources a user should have, exclusively from the devices they are authorised to use.
“The growth of remote workforces and the rise in mobile devices accessing company networks make providing the appropriate access based on user and device identity a critical component of ZTNA,” said Francis Dinha, CEO of OpenVPN. “The DIVE feature on CloudConnexa makes it easy for admins to verify device identities before granting network access.”
DIVE boosts the ZTNA essentials CloudConnexa already provides — hiding user applications from public view, and using digital certificates for users and devices — by giving admins the option to manually add authorized device identities (UUID) as well as automatically lock digital certificates to specific devices.
A user trying to access the network with an alternate device, even with an authorised connection profile, will be blocked. By limiting authenticated user access to trusted devices with unique device identities, DIVE minimizes the attack surface and reduces the risk of unauthorised network access when users connect through CloudConnexa.
“Even if an authorized always-on IoT device’s connection profile is compromised,” explains Dinha, “a bad actor will be unable to connect using the stolen profile. This additional layer of security is invaluable to IoT network security.”
With DIVE on CloudConnexa, admins can finally build ZTNA using defined access control policies for users and devices. This means organisations now have more power than ever to strengthen their security posture, reduce their attack surface, and make sure their network is truly secure.