VPN

Banyan Security Research Uncovers Primary Considerations Influencing Zero Trust Network Access (ZTNA) Adoption

Banyan Security | June 28, 2022

Banyan Security
Banyan Security, a leading provider of Zero Trust Network Access (ZTNA) solutions, today revealed new research highlighting organizations’ preferences and hesitations for adopting modern remote access solutions. The independent survey was conducted by Sapio Research and engaged over 400 senior decision makers from mid- to large-sized companies in the U.S. and Canada, who are responsible for IT security and are aware of both virtual private networks (VPN) and ZTNA. The key findings from this study include:

Over half (54%) of VPN owners stated that secure remote access is a priority at this time.
VPN usage is still prevalent among a majority (90%) of security teams who have highlighted cost, time, and difficulty as reasons to not move forward with ZTNA adoption.
Almost all organizations (97%) say that adopting a zero trust model is a priority, with 93% of organizations having committed a budget to enhance their VPN or move toward ZTNA within the next year or two.
More than half (53%) of respondents have already started rolling out zero trust solutions.

Personal Devices and VPNs Do Not Mix
The last two years have shifted how we work, producing a new remote workforce that was essentially created overnight. As highlighted in this study, this has resulted in most workers – in this case 51% of respondents – using a combination of corporate and personal devices to connect to business applications and resources. Personal devices often used by less security-conscious family members. This creates a very risky environment as personal devices are easy targets for threat actors especially since IT teams cannot fully monitor activity on these devices. Additionally, personal devices are often used by other family members – particularly children – which make them even more susceptible to malware and other viruses.

Despite known security issues, VPN usage continues to thrive, with 90% of respondents currently using a VPN in some capacity for secure remote access. When access is permitted on a personal device, it creates a risky situation for not only the user, but the entire organization. VPNs lack many of the application-level access controls and integrated security that are common in ZTNA solutions. As a result, cybercriminals will often target VPNs because a single set of compromised credentials can provide all of the access needed to carry out a data breach, ransomware incident, or other attacks.

“As this study shows, VPN usage continues to be prevalent, often viewed as ‘good enough’ for remote access among organizations simply because that is what they have always used, What this doesn’t account for is the poor administrative and end user experience, not to mention that on-premises access must be handled with separate, siloed tools. We have plenty of evidence to show that legacy VPNs no longer adequately protect nor provide consistent and easy access to corporate resources for today’s ‘work from anywhere’ workforce.”

Jayanth Gummaraju, CEO & Co-Founder of Banyan Security

Key Drivers for ZTNA
A majority of the respondents (97%) stated that adopting a zero trust model is a priority for their organization, where 44% said they have plans to roll out zero trust but are in the early stages, while 53% said they have already begun to roll out zero trust solutions. For organizations who have begun to roll out ZTNA solutions, the survey revealed that secure remote access (48%), improving the end user experience (34%) and eliminating exposure to VPN vulnerabilities (34%) were the top three drivers in their decision to choose ZTNA. Unlike VPNs, ZTNA provides access on a case-by-case basis, which is decided based on user, device, and application-level access and security controls.

What’s Holding VPN Users Back from Making the Switch?
Over two thirds of organizations (69%) believe implementing a ZTNA strategy would require a large undertaking. Aside from the general familiarity and comfortable usage of their traditional VPN solution, organizations stated that cost/budget constraints are the biggest barriers (62%) for VPN users to adopt ZTNA. Thirty percent of VPN owners said that it would be difficult to implement ZTNA infrastructure in their current security environment; however, 82% of respondents stated they would likely implement ZTNA if there was an easily deployable, inexpensive option. Apathy also appears to be one of the biggest barriers preventing VPN owners from adopting ZTNA solutions with 46% of respondents stating that modern, secure remote access is not a priority at this time.

“While it is good to see that awareness of ZTNA solutions amongst IT security professionals continues to grow, the actual implementation of a ZTNA architecture is still considerably low, with just over 17% of respondents having truly begun to roll out a ZTNA strategy,” continued Gummaraju. “As we look toward a future where remote and hybrid work are the standard for most organizations, it’s encouraging to see that IT teams are looking beyond VPNs at more comprehensive zero trust network access solutions.”

Research Methodology
The survey was conducted among 410 Senior Decision Makers from mid- to large-sized companies in the U.S. and Canada, who are responsible for IT security and are aware of both VPN and ZTNA. The interviews were conducted online by Sapio Research in April 2022 using an email invitation and an online survey, with results accurate to ± 4.8% at 95% confidence limits.

About Banyan Security
Banyan Security provides secure, zero trust “work from anywhere” access to infrastructure and applications for employees, developers, and third parties without relying on network-centric legacy VPNs. Deep visibility provides actionable insight while continuous authorization with device trust scoring and least privilege access deliver the highest level of protection with a great end user experience. Banyan Security protects tens of thousands of employees across multiple industries, including finance, healthcare, manufacturing, and technology.

Spotlight

The purpose of this document is to provide a study of Microsoft SQL Server consolidation on Cisco Unified Compute System (UCS). The primary objective of the study is to articulate the total cost of ownership (TCO) and return on investment (ROI) that can be achieved by companies wishing to consolidate SQL Server on Cisco UCS. Additionally, the study will also prove that consolidated SQL Server implementations on Cisco UCS can meet the scalability, availability and performance requirements mandated by today’s high-volume database implementations.


Other News
VIRTUAL DESKTOP TOOLS

HostColor announced Dedicated Cloud IaaS in the U.S., Canada, and the UK

Host Color LLC | August 16, 2022

Cloud service provider HostColor.com (HC) announced that it now offers Dedicated Cloud infrastructure-as-a-service (DCIaaS) based on VMware ESXi, Proxmox, and Linux Containers (LXC) virtualization technologies. The DCIaaS can be used by any organization for the deployment of custom-built, standards-based Private, Public or Hybrid technology infrastructure. The cloud service provider delivers self-managed and fully managed DCIaaS from data centers located in 17 U.S., Canadian, and UK major metropolitan markets - Ashburn, Virginia; Atlanta, Georgia; Bend, Oregon; Charlotte, North Carolina; Chicago, Illinois; Dallas, Texas; Denver, Colorado; Kansas City, Missouri; Los Angeles and Santa Clara, California; Miami, Florida; Newark, New Jersey; New York, NY; Seattle, Washington; Toronto, Ontario; Vancouver, British Columbia, and London, UK. HostColor's Dedicated Cloud infrastructure services have fixed monthly costs that do not rise depending on the resource usage. The Cloud IaaS users pay a flat monthly fee for a certain amount of dedicated computing resources – processor (CPU), memory (RAM), and data storage (SSD, NMVe, or HDD) and a specific bandwidth quota on a 1-gigabit or 10-gigabit internet port. The cloud service provider does not charge clients for DNS zones, DNS queries, or for each 1 GB data transfer. Unlike the services offered by the so-called "Major Clouds", HostColor's dedicated public or private cloud IaaS services come with free infrastructure support. "We save an enormous amount of money on data transfer, computing resource usage, and technical support to the SMBs that choose to use HostColor's Dedicated Cloud services, instead of IaaS on any of the so-called "major clouds". HC's DCIaaS features a fairly large, clearly-defined bandwidth quota, instead of charging them for each GB data transfer. If any organization needs to use 80 TB data transfer per month, for example, HostColor saves it eight thousand dollars per year on average for data transfer, DNS records, DNS queries, and technical support", Dimitar Avramov, HostColor's co-founder and CEO He adds that “Bandwidth” is the amount of data that can be transferred at one time, while "Data Transfer" is the actual amount of data transferred. HostColor's Public and Private Dedicated Cloud services start with a guaranteed bandwidth quota of 100 Mbps or 250 Mbps, depending on the data center location.The company's DCIaaS customers, connected to a 1 Gbps internet port, who use a 250 Mbps bandwidth quota, can transfer 80 TB of data per month. If they choose to use a full 1-gigabit bandwidth port they can push 324 TB data transfer per month. Those who have a dedicated cloud connected to a 10-gigabit internet port with a 2 Gbps bandwidth quota can transfer 648 TB of data in a 30-day period. HostColor has recently announced the availability of New York Dedicated Server hosting services connected to 10-gigabit Internet ports. They are delivered from the data centers – Teleport, Staten Island, and DataBank, New Jersey. The 10-gigabit server plans start with a 2 Gbps bandwidth allowance and can be scaled up to a full 10 GbE internet connection. According to the market intelligence firm IDC “Dedicated Cloud Infrastructure-as-a-Service (DCIaaS) solutions deliver compute and/or storage resources dedicated to an individual customer that are deployed on customer premises and consumed as a service.” IDC explains that “his model is essentially a dedicated version of a publicly available cloud offering, modified to run on-premises or in a specially certified colocation environment”. The market intelligence firm also explains that the cloud service providers retain full ownership of all underlying infrastructure hardware and software and are completely responsible for delivery, maintenance, updating, and ultimate disposal of the asset when the subscription is terminated. About HostColor.com is a global IT infrastructure and Web Hosting service provider since 2000. The company has its own virtual data centers, a capacity for provisioning dedicated servers and colocation services in 50 data centers worldwide. Its subsidiary HostColorEurope.com operates Cloud infrastructure and delivers dedicated hosting services in 19 European counties.

Read More

VIRTUAL DESKTOP TOOLS

Verge.io and Dallas Digital Offer Alternative Enterprise Virtualization Solutions

Verge.io | September 14, 2022

Verge.io, the company with a simpler way to virtualize data centers, and Dallas Digital Services, an IT solutions provider for enterprises and government agencies, today announced an agreement to offer Verge.io’s virtual cloud software stack as a simple, cost-effective alternative to build, deploy and manage virtual data centers. With Verge-OS software, Dallas Digital enables virtualized data centers for its clients with greater savings and efficiencies. Verge-OS abstracts compute, network, and storage from commodity servers and creates pools of raw resources that are simple to run and manage, creating feature-rich infrastructures for environments and workloads like clustered HPC, ultra-converged and hyperconverged data centers, DevOps and Test/Dev, compliant medical and healthcare, remote and edge compute including VDI, and multi-tenant private clouds. “Legacy virtualization platforms require many different SKUs, with complex pricing schemes and significant API integration to build out a virtualized data center, especially at scale,” said Howie Evans Vice President Dallas Digital. “We are pleased to be able to offer Verge-OS as a way to deliver a virtual data center experience but in a secure, hardware-efficient system that can scale compute, memory, and storage resources as needed.” “Recent M&A activity is causing enterprises to look for alternatives to legacy systems, and partnerships with solution providers like Dallas Digital are an ideal way to bring these customers a modernized virtualization platform for the way organizations work today, Verge-OS is not only simpler to configure and run, it’s simpler to buy, and simpler for Dallas Digital to support.” Yan Ness, CEO at Verge.io Verge-OS is an ultra-thin software—less than 300,000 lines of code—that is easy to install and scale on low-cost commodity hardware and self-manages based on AI/ML. A single license replaces separate hypervisor, networking, storage, data protection, and management tools to simplify operations and downsize complex technology stacks. Secure virtual data centers based on Verge-OS include all enterprise data services like global deduplication, disaster recovery, continuous data protection, snapshots, long-distance synch, and auto-failover. They are ideal for creating honeypots, sandboxes, cyber ranges, air-gapped computing, and secure compliance enclaves to meet regulations such as HIPAA, CUI, SOX, NIST, and PCI. Nested multi-tenancy gives service providers, departmental enterprises, and campuses the ability to assign resources and services to groups and sub-groups. About Dallas Digital Services Founded in 1996, Dallas Digital Services began as an on-site service provider for enterprise companies and has developed into a highly recognized solution provider for mission critical and high availability solutions. It is a relationship-driven IT solutions provider, offering best-of-breed technology and services for enterprise organizations as well as public-sector entities. It offers strategic services, technical expertise, and sales support to enable clients to maximize the value of their data center investments. Based on each customer's unique objectives and IT environment, Dallas Digital can assess, architect, implement, and manage solutions that improve current technology performance.

Read More

VIRTUAL DESKTOP TOOLS

Fortinet is the Fastest Growing ZTNA Vendor, Customers Highlight the Benefits of Fortinet Universal ZTNA

Fortinet | August 18, 2022

Fortinet a global leader in broad, integrated and automated cybersecurity solutions, today announced accelerated momentum of Fortinet Universal ZTNA and its ability to provide secure access for any user anywhere, whether they are remote or in the office. In fact, according to the latest Gartner report on enterprise network equipment market share, Fortinet is among the highest five global ZTNA vendors, with the fastest growing revenue of any vendor quarter-over-quarter from 4Q21-1Q22 and year-over-year from 1Q21-1Q22.1 Fortinet attributes this growth to its differentiated approach to ZTNA that supports secure application access for any user in any location, lower total cost of ownership, more seamless transition from VPN, and integration with the Fortinet Security Fabric, including Fortinet Secure SD-WAN. ZTNA emerges as a top solution to implement Zero Trust principles Organizations of all sizes are adopting Zero Trust as a corporate security strategy to enable digital acceleration, support remote and hybrid work, and reduce risk. According to Gartner, “60% of organizations will embrace Zero Trust as a starting point for security by 2025. More than half will fail to realize the benefits.”2 While transitioning from implicit trust to an explicit Zero Trust model is a top strategic concern, most organizations – over 80% according to a January 2022 Zero Trust survey from Fortinet – have found it difficult to execute. ZTNA has emerged as a top technology adopted by organizations as a first step to implementing zero trust principles to the corporate network. Secure access for any user anywhere with Fortinet Universal ZTNA At an increasing rate, organizations seeking to reduce their risk profile by building a zero trust architecture are turning to Fortinet Universal ZTNA. Key benefits of Fortinet’s solution include: Consistent user experience in all work locations: Unlike cloud-only ZTNA, Fortinet Universal ZTNA delivers universal enforcement and the same user experience and security policies whether employees are located in densely populated offices, working remotely from home, or on the road. Easy transition from VPN to ZTNA: Because VPN and ZTNA are managed by the same integrated client from Fortinet FortiClient organizations can transition application access seamlessly and at their own pace. Existing Fortinet customers can immediately access ZTNA: Customers with existing FortiGate and FortiClient investments already have what they need to start applying Fortinet Universal ZTNA, an unlicensed feature. ZTNA integrated with SD-WAN: Fortinet is the only vendor delivering ZTNA, SD-WAN, and enterprise-grade security that is integrated by a single operating system to more effectively support secure application access and application steering. All three SD-WAN for connectivity, ZTNA for secure access, and enterprise-grade security for traffic inspection and protection can be configured, orchestrated, and managed using the same centralized console. Powerful networking and security convergence enabled by FortiOS everywhere: With Fortinet Universal ZTNA, Fortinet continues its legacy of delivering solutions that converge networking and security across its FortiGate platform. This convergence is powered by a single operating system—FortiOS—across all FortiGate form factors, including appliances, virtual machines, container solutions, SASE, and cloud deployments, to deliver coordinated security policies and consistent user experience. “Fortinet Universal ZTNA delivers the most complete support for work-from-anywhere by delivering a universal approach to ZTNA that is consistent on-prem, in the cloud or as a service via SASE. Because cloud-only ZTNA solutions aren’t able to adequately support in-office workers and do so at a high cost, we’re seeing an increasing adoption of Fortinet Universal ZTNA to support today’s hybrid workforce.” John Maddison, EVP of Products and CMO at Fortinet Customer and Partner Validation of Fortinet Universal ZTNA Organizations around the world rely on Fortinet Universal ZTNA to improve secure access to applications. Current Fortinet customers highlight the value of Fortinet’s offering: “We are drawn to Fortinet Universal ZTNA because it will allow us to control application access for both on-campus and remote users. Having ZTNA on-prem and in the cloud means we’re able to better ensure our hybrid workforce has access to the applications they need while keeping our network more secure and easier to manage and control with less resources. The ability to use the Fortinet gear we already have to apply ZTNA enforcement is really appealing.” - Tal David, Networking and Security Global Manager at Sapiens “We’re currently migrating away from our existing VPN solution to FortiClient with connections through our FortiGates. Because Fortinet delivers several security capabilities from a single agent, we will be removing multiple other security agents. And because the ZTNA agent is a part of FortiClient, we will more easily control our shift from traditional VPN to an easier to manage ZTNA with a more seamless end-user experience. Being able to implement granular control of user-to-application access at our own pace will make a big difference in our plans to reduce security risk in our network.” - JP DiCicco, IT Infrastructure Operations Manager at RES Americas “We were really attracted to the Security Fabric concept of the Fortinet solution and how those products all talk to each other and react in real-time based on their observance of threats. That along with the common management interface for the whole suite of products made it a really easy decision for us. Because of the integrated nature of Fortinet’s products, adding on ZTNA to further improve our security posture with granular access control is seamless.” - Colby Cousens, IT Director at Town of Danvers, Massachusetts Fortinet’s partners are also leveraging Fortinet Universal ZTNA to support their customers: “Fortinet’s dedication to consistently converging networking and security via FortiGate allows us to deliver immense value to customers. Having access to next-gen firewalling, SD-WAN and ZTNA all in one location and on one operating system that’s consistent whether on-prem, in the cloud, or as a service means easier management, better user experience, and a higher security posture.” - Marc Jabian, Cybersecurity Practice Manager at Netsync About Fortinet Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 580,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone.

Read More

VIRTUAL DESKTOP TOOLS

HUMAN Names Climb Channel Solutions as Preferred Distributor

Climb Channel Solutions | July 27, 2022

Climb Channel Solutions, an international specialty technology distributor and wholly-owned subsidiary of Wayside Technology Group, Inc. (NASDAQ: WSTG) was named preferred distributor with HUMAN’s enterprise defense platform enabling resellers to round out their security stack. “With a full suite of products focused on defending customer data and exposure to fraudulent activity Climb Channel Solutions is proud to be named HUMAN’s preferred distributor, The IT channel will soon be leaning on HUMAN’s products and solutions to help detect fraud within security, inventory, account management, and even marketing.” Dale Foster, CEO at Climb Recent reports have indicated that 77% of all digital attacks are bot-based, and bots and cybercriminals become increasingly sophisticated year after year. Today, HUMAN verifies the humanity of more than 15 trillion digital interactions per week, offering enterprises a platform with unmatched visibility into fraudulent activity across the internet. HUMAN achieves this scale with a suite of products to protect the complete digital customer journey: BotGuard for Applications, BotGuard for Growth Marketing, MediaGuard, and Bot Insights Services. As new partners and enterprises leverage the HUMAN Defense Platform, they benefit collectively from HUMAN’s Modern Defense Strategy, which is built on best-in-class visibility and network effect powered by collective protection and disruptions. “We are thrilled to add Climb Channel Solutions as our preferred distribution partner for North America as we continue to build HUMAN’s channel ecosystem,” said HUMAN Vice President of Channel Sales Ron Wagner. “Climb’s expertise as a value-added distributor along with their focus on emerging and disruptive technology makes them an ideal partner. We look forward to working with Climb and their vast network of resellers to realize HUMAN’s mission of safeguarding the integrity of the internet from bot attacks and fraud to keep digital experiences human.” About HUMAN HUMAN is a cybersecurity company that safeguards enterprises and internet platforms from sophisticated bot attacks and fraud to keep digital experiences human. Our modern defense strategy is enabled by internet visibility, network effect powered by collective protection, and disruptions, enabling enterprises to increase ROI and trust while decreasing customer friction, data contamination, and cybersecurity exposure. Today we verify the humanity of more than 15 trillion interactions per week for some of the largest companies and internet platforms. Protect your digital business with HUMAN.

Read More

Spotlight

The purpose of this document is to provide a study of Microsoft SQL Server consolidation on Cisco Unified Compute System (UCS). The primary objective of the study is to articulate the total cost of ownership (TCO) and return on investment (ROI) that can be achieved by companies wishing to consolidate SQL Server on Cisco UCS. Additionally, the study will also prove that consolidated SQL Server implementations on Cisco UCS can meet the scalability, availability and performance requirements mandated by today’s high-volume database implementations.

Resources