Home / Companies / Twingate / Blog / August 2021

August 2021 Summaries

8 posts from Twingate

Filter
Month: Year:
Post Summaries Back to Blog
Network access control (NAC) is a way to embed access control and endpoint security policies within an organization's network infrastructure. Typically adopted by large enterprises, NAC offers substantial benefits to companies with large workforces and device populations. However, traditional NAC solutions have been less accessible to small and mid-sized organizations due to their hardware dependence. The modern workforce and bring your own device (BYOD) policies push NAC solutions to their limits, making it challenging for smaller organizations to implement and manage. Modern approaches to network access control, such as software-defined perimeters and Zero Trust Network Access (ZTNA), are being adopted to address the evolving cybersecurity threats. To select the right NAC product, organizations need to assess their workforce, devices, and resources, and consider factors like scalability and deployment. Traditional NAC solutions use physical networks to automatically provide access to authenticated users, but these solutions are less effective in today's cybersecurity environment. Modern approaches offer a way to protect individual resources without expensive investments in brittle hardware infrastructure.
Aug 31, 2021 4,892 words in the original blog post.
IPsec VPNs provide a secure connection between devices over the internet, protecting data from external bad actors. They are commonly used in business to enable employees to access a corporate network remotely. IPsec stands for Internet Protocol Security and is a secure network protocol that encrypts and authenticates packets of data to provide secure communication. There are two modes of operation: Tunneling mode, which encrypts the entire data packet, and Transport mode, which only encrypts the data packet message. Using an IPsec VPN provides multiple layers of security by providing authentication and encryption for data packets. IPsec VPNs can be set up on various operating systems, including Windows, Linux, and OS X machines. They require high support costs, but offer a secure alternative to traditional VPNs like Twingate.
Aug 26, 2021 6,038 words in the original blog post.
SDP (Software-Defined Perimeter) is a modern approach to network security that avoids the inherent weaknesses of traditional castle-and-moat fixed perimeter security technologies such as Virtual Private Networks (VPNs). SDPs apply a software-based approach that works with today's hybrid workforces and cloud infrastructures. Unlike hardware-centric approaches, SDPs focus on protecting the logical network connecting a company's resources to its users. They offer several advantages over traditional approaches, including granularity, flexibility, manageability, security consistency, and minimized attack surface. SDP solutions are network-agnostic, resource-focused, have a small attack surface, and low overhead compared to VPNs. The modern computing environment is more dynamic and heterogeneous than ever before, making SDPs a better solution for network security than VPNs. SDPs can be paired with Zero Trust principles to provide fine-grained, context-sensitive security policies. Twingate's SDP solution makes ZTNA easier to integrate into your organization's security strategy without changing existing infrastructure or replacing the current security system.
Aug 24, 2021 5,348 words in the original blog post.
IPsec, a series of protocols used to protect IP traffic between two points on a network, offers confidentiality, data integrity, and high security through advanced packet encryption. It is commonly used for business VPNs. The two primary modes of IPsec are tunnel mode and transport mode, each with its own use cases and advantages. Tunnel mode protects internal routing information by encrypting the original packet's IP header, making it useful for protecting traffic between different networks. It provides a secure connection between two different networks separated by an intermediate untrusted network, such as the Internet. However, it has a greater overhead and smaller MTU than transport mode. Transport mode, on the other hand, retains the original IP header and is commonly used for fast and secure end-to-end communications, providing end-to-end security through authentication, integrity, and anti-replay protection. It has a larger MTU than tunnel mode but lower overhead. However, it has poor compatibility with security gateways and difficulty in implementing traversal NATs. To set up each mode, it's essential to know how IPsec negotiates packet security using the IKE protocol. Ultimately, choosing between tunnel mode and transport mode depends on specific use cases and requirements.
Aug 19, 2021 3,521 words in the original blog post.
Whitelisting is a network security approach that blocks resource access to all but a select few trusted entities. Whitelists create a registry of the entities that may access a resource, and they can contribute to your access control strategy by making highly sensitive resources harder for adversaries to penetrate. Whitelists work best with centrally managed and relatively static systems where users have few expectations of control. However, whitelists become difficult to manage in more dynamic environments and may degrade the user experience. To overcome these limitations, whitelists can be used as one element of a layered security strategy that includes perimeter defenses, endpoint protections, anti-malware systems, and more. Whitelisting is not complete security solutions and has limitations that should be considered before using whitelists for secure access control. Creating an effective whitelist system requires an up-front commitment of time and resources, and it can disrupt business operations if implemented incorrectly. However, whitelists can significantly enhance security by reducing attack surfaces and minimizing the impact of successful security breaches. Twingate's Zero Trust Network Access solution lets you benefit from whitelist access control while mitigating their trust-driven limitations.
Aug 18, 2021 4,913 words in the original blog post.
AWS Client VPN is a managed service that allows organizations to access AWS resources from remote locations using OpenVPN-based clients. The pricing model of AWS Client VPN can be confusing, and it charges based on a time-connected basis for each type of component required to use the service: Client VPN endpoint associations and user connections to an endpoint. Each Client VPN Endpoint Association costs between $0.10 to $0.15 per hour, while each client connected to a VPN endpoint costs $0.05 per hour. Additionally, there are bandwidth fees for egress traffic from your VPC and NAT gateway data processing charges if you use one in your VPC that handles full tunnel traffic. However, AWS Client VPN is not the only option for enabling secure remote access to AWS VPC environments. Alternatives include AWS Marketplace products, such as Cisco Adaptive Security Virtual Appliance (ASAv), and manually installed open source solutions like OpenVPN, which require more effort and expertise in setup and maintenance. Another alternative is Twingate, a Zero Trust Network Access product that doesn't use VPN technology, with a straightforward pricing model based on a per user flat fee model. Twingate aims to provide the security benefits of a non-VPN Zero Trust solution while making deployment and management simple and cost-effective.
Aug 12, 2021 4,139 words in the original blog post.
Access Control Lists (ACLs) are a fundamental element of network security, allowing organizations to define and enforce access permissions for network resources. ACLs can be used to secure company resources both internally and externally, improve performance and manageability, and reduce the risk of spoofing and denial of service attacks. There are four types of ACLs: Standard, Extended, Dynamic, and Reflexive, each with its own strengths and limitations. To set up effective ACLs, organizations should use ACLs inside and outside network interfaces, pay attention to the order of ACL entries, set rules for groups rather than users, document everything, use ACL management tools, and combine Role-Based Access Control (RBAC) with ACLs. Twingate offers a modern approach to access control that makes ACL management more efficient by implementing software-defined perimeters and Zero Trust Network Access principles.
Aug 10, 2021 5,144 words in the original blog post.
Today's networked resources extend far beyond the office, making it harder to control devices and define a user. The pandemic has made us realize that we need a new approach to network security. Modern network security methods can prevent business disruption by using techniques such as Zero Trust Network Access (ZTNA) and Endpoint Detection and Response (EDR). The traditional castle-and-moat paradigm of the network perimeter is no longer relevant due to device diversity, flexible workforces, and cloud services. Network entry points are proliferating, making it harder to secure networks. Cyber criminals' sophistication has increased, with social engineering being a key attack method. To combat this, organizations need to think like their adversaries and layer multiple security technologies. ZTNA assumes malicious intent behind every network connection, while EDR can detect generic malware quickly. The human element is just as important as the technical element in preventing attacks. Defense in depth is the best protection, with micro-segmentation and software-defined perimeters reducing the impact of a successful breach.
Aug 04, 2021 3,209 words in the original blog post.