Banyan and Zero Trust in a Post-VPN World
“Zero Trust” is a big security concept / buzzword at the moment. When most people think of Zero Trust, they often think of policies around systems in the form of firewalls or enclaves. Banyan, however, sees it differently. Banyan brings the least-privilege access model to remote access. Banyan positions its solution as a replacement for VPN, spurred on by Security Teams and DevOps professionals.
In some ways, the solution reminds me of the old Cisco Network Access Control (NAC) and Microsoft Network Access Protection (NAP), where remote laptops seeking access to network resources had to meet certain requirements before being granted connectivity to the full internal network. Back then, the requirements were mostly around patches. The old systems also worked under the assumption that the end user was on the outside and needed to tunnel to a corporate network that contained all the systems the end user needed.
Today, systems and networks aren’t as simple. Moreover, devices aren’t limited strictly to laptops, but also include smartphones and tablets. Some resources are within the boundary of the corporate network, but a growing number of resources are also in the cloud at providers such as AWS. Banyan attempts to solve these issues. Banyan uses reputation scores to determine worthiness of access, can work with mobile devices, and can continuously check the posture of a device. Banyan also works to protect resources in multiple locations.
The video that follows shows Ashish Gupta, the head of Marketing at Banyan, presenting at Security Field Day 2 a few weeks back. Once you get past the marketing speak, you can see the potential of the idea.
The promise of simplifying the operational complexity of managing remote access to multiple systems on disparate networks is admirable. Attempting to ensure secure access to the myriad of resources used by employees in today’s enterprise environments is a daunting task. Security, Network, and Systems Admin teams can spend tons of time and effort trying to secure access to multiple endpoints from a growing number of devices. The old way of sending everyone through an HQ network and then redirecting that traffic back out is not only cumbersome but also slow and inefficient. What Banyan promises is different and could alter the way enterprises view remote access going forward.