Introducing Id-First Networking thumbnail

Alex Marshall • 

If there’s something we’ve realized since we based Twingate, it’s that firms soar by means of extraordinary hoops to grant, handle, and safe entry to their networks. Whether or not it’s whitelisting ever-changing IP addresses; sustaining complicated subnet assignments and VLAN segments; or manually piecing collectively community occasions throughout hybrid networks, these heroic duties all have one thing in widespread: making up for the shortcomings of TCP/IP.

The place open, trusted entry made sense on the inception of laptop networking nearly 50 years in the past, the precise reverse is true at the moment. Belief can now not be assumed primarily based on being bodily hardwired to a community, and units might have a number of IP addresses and hop throughout many networks in a single day. New layers of authentication, anomaly detection, and monitoring are regularly being added to each layer of the community stack, however these approaches don’t deal with the foundational shortcomings.

Twingate turns this mannequin on its head by rethinking these base assumptions round networking. Slightly than making an attempt to filter each community session in search of anomalies or performing extra checks on each community connection that arrives at a vacation spot, Twingate begins by asking a easy query: ought to a community request even be allowed to depart a tool? And if that’s the case, whose identification must be hooked up to it?

When you begin to consider each connection in your community as requiring an identification that simply occurs to have a supply IP deal with, it makes setting parameters and understanding community exercise lots simpler. As a result of community connections are by no means allowed to enter your community with out an identification hooked up to an specific authorization, there isn’t a longer any query of who a community connection belongs to and why it was licensed.

Our prospects have been thrilled with the expertise of throwing out their clunky VPN and changing it with Twingate’s new method to managing community entry, which we name Id-First Networking. As we speak we’re proud to announce the launch of this foundational method with the next new product options and partnerships.

Main identification supplier help & SCIM-based synchronization

Twingate is pushing the boundaries of safety and usefulness on the earth of Zero Belief. They’ve created a product that begins with identification on the middle. OneLogin is proud to associate with Twingate to convey Id-First Community safety to essentially the most demanding and progressive firms on the earth.

— Chelsea Wadsworth, Director of International Alliances, OneLogin

Trendy organizations—with a myriad of functions utilized by a distributed workforce—rely on centralizing consumer identification to ease administration and enhance safety. Given the advantages, consumer identification as a primitive has been utilized throughout just about each software that enterprises use at the moment, however the community layer has been left behind.

Twingate permits the advantages of identification on the community transport stage (any TCP or UDP connection), permitting our prospects to unify each community and software entry centrally. Now each useful resource in your community—together with databases, servers, k8s clusters, and many others.—which are usually very tough (if not not possible!) to combine along with your identification supplier natively could be managed in a single place. If a consumer shouldn’t be entitled to entry a community vacation spot, their visitors won’t ever traverse your community.

Person authentication is simply a part of the story. Equally essential is making certain that consumer lifecycle state and relevant group membership is synchronized promptly and precisely. Twingate helps SCIM for consumer and group synchronization, extending automated onboarding and offboarding to each useful resource in your community. Twingate integrates with the most important identification suppliers together with Okta, OneLogin, Google Workspace, and Microsoft Azure AD.

Common Two-Issue Authentication

As we speak we’re launching native two-factor authentication to our Enterprise and Enterprise prospects, which can enable extra fine-grained controls impartial of your chosen identification supplier and impartial of the vacation spot. We name this expertise Common 2FA as a result of it may be utilized to any sort of useful resource with zero software modifications.

One of many “wow” moments for our prospects is utilizing Twingate’s Common 2FA to use discretionary safety ranges to sources based on their sensitivity. For instance, admins can make sure that customers with manufacturing community SSH entry are topic to a further 2FA problem. The shortage of software modifications, and suppleness to work with any protocol or useful resource, signifies that safety modifications could be made instantly. The consumer expertise can also be seamless, working in-line with the consumer’s workflow due to Twingate’s transport-level community routing.

Id-indexed community circulate logs and analytics

With each community connection authenticated towards a central consumer identification and licensed by safety insurance policies outlined in Twingate, for the primary time ever, our prospects now have an identity-first view of their personal community circulate. All personal visitors is all the time immediately related to consumer identification, together with the authorization rule that allowed the connection, community path data, knowledge quantity transferred, and port particulars.

Id-indexed community analytics make it easy to not solely decide who accessed inside sources, however to rapidly determine utilization patterns, traits, and spot anomalous habits. For forensic investigations, gone are the times of piecing collectively time-stamped community logs and IP addresses from disparate methods to attempt to perceive a sequence of occasions. Id ties all entry data collectively, no matter location, gadget, working system, or community.

Safe your web visitors with DNSFilter

In 2020 we noticed an enormous improve within the variety of on-line threats focusing on firms who’ve transitioned to a distant work setting. Our partnership with Twingate permits these firms to, by means of using our merchandise, have entry to true end-to-end menace safety whereas connecting from anyplace on earth. We’re excited to associate with a Zero Belief answer like Twingate that gives an alternative choice to conventional VPNs.

— Ken Carnesi, CEO, DNSFilter

Twingate secures your personal community visitors, however we additionally acknowledge the chance that public web entry introduces to firm units, significantly because the prevalence of ransomware and phishing assaults has surged in our work-from-anywhere actuality. Working from dwelling, with out the safety of a company firewall, has left units extra susceptible. DNS filtering is a important part in defending workers from these threats.

Since our inception we’ve made it an specific product aim to make sure that we “play good” with different community safety merchandise. Our perception is {that a} mixture of specialised merchandise, with the businesses behind them targeted on fixing their drawback house in depth, presents the very best final result for purchasers.

As we’ve gotten to know the group at DNSFilter, they couldn’t embody this spirit of focus in depth extra absolutely, and we’re excited to associate with them to supply a whole answer to guard workers. With DNSFilter’s AI-powered content material filtering answer and multi-platform roaming consumer, admins can now deploy DNSFilter and Twingate facet by facet to completely defend each personal and public consumer visitors, irrespective of the place they’re and what gadget they’re on.

Essentially the most progressive firms are adopting Twingate

From our firm Zoom name after rolling out Twingate:“Already modified my complete life. Run, don’t stroll, to Twingate!”

— Neal Harris, Director of Safety, Persona

Since we launched Twingate, we have now been lucky to associate with among the most progressive, fastest-growing firms around the globe. Most of our prospects are going through related challenges—juggling efforts to quickly scale their groups whereas coping with the realities and limitations of distant work utilizing outdated know-how.

Most notably, our prospects have discovered large worth in transferring away from their current piecemeal community entry options constructed on prime of VPNs, which have develop into brittle and tough to handle after years of accumulating tech debt. Quick-growing firms like Human Curiosity, Body.io, and Persona have been capable of simplify entry for workers, contractors, and admins, whereas attaining a extra sturdy safety posture by transitioning to Twingate.

Twingate prospects report that they typically cut back deployment time by 80% and ongoing consumer setup and help load by 90% in comparison with their earlier VPN, all whereas increasing their distributed workforces in a safer method.

That is only the start

We’ve an bold 2021 product roadmap that can proceed to construct on the muse that we’ve laid out above. We’re pleased with our deal with ease of use, which has allowed our prospects to undertake our imaginative and prescient of Id-First Networking with minimal effort.

Give Twingate a attempt without spending a dime at the moment. We’d love to listen to what you assume.

By Admin

Leave a Reply

Your email address will not be published. Required fields are marked *