Forrester and Gartner recognize TransientX

Forrester Zero Trust Network Access Report

TransientX named a growth-stage vendor in Forrester’s Q2 2021 report on Zero Trust Network Access (ZTNA).

Forrester Report recognizes TransientX

In Forrester’s landscape overview of 34 Zero Trust Network Access providers, Forrester named TransientX as a Growth vendor to watch in the functionality categories of SaaS and Overlay Network (the 3rd category is self-hosted).

Forrester placed vendors into three groups:

  • Late Stage
  • Growth Stage
  • Early Stage.

Group placement is determined based on the following criteria:

  • The maturity of the ZTNA product
  • Number of years in business
  • Number of employees

With TransientX’s singular focus on ZTNA and track record of enterprise and MSP deployments globally, Forrester recognized us as a growth vendor in this key cybersecurity space.

Gartner recently included TransientX in the Emerging Technologies: Adoption Growth Insights for Zero Trust Network Access report published in March 2021, further validating our solution and approach as uniquely secure and easy to deploy, manage and use.

You can download the full Forrester report here or Contact Us for a trial and demo of why TransientX delivers true Zero Trust Access.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

TransientX Now a Citrix Ready Partner

TransientAccess is Citrix Ready

TransientX announced today the availability of TransientAccess zero-trust network access (ZTNA) in the Citrix Ready Marketplace as a Citrix Ready partner.

The Citrix Ready Program is a technology partner program that
helps software and hardware vendors of all types develop
and integrate their products with Citrix technology for Digital
Workspace, Networking, and Analytics.

TransientAccess delivers seamless ZTNA for Citrix customers, rounding out Citrix’s extensive remote working solutions.

In particular, for Citrix customers using Virtual Apps and Desktops the benefits are:

  • Integrated, seamless security from the endpoint to the cloud.
  • With ZTNA, secure the “last mile” with user-to-app connectivity to the Cloud – no more VPN. Any app, anywhere.
  • Secure Workspace Isolation – users can use any application, or browser to perform their enterprise roles, with secure, containerized sessions
  • Full DLP – watermarking to prevent screen capture, no unauthorized copy/paste, or downloads of sensitive data
  • Use any device – The containerized Workspace mitigates risks associated with compromised endpoints, enabling the use of even unmanaged devices

TransientX delivers truly secure, easy to use and deploy zero-trust access for an organization’s workforce and business partners. TransientX builds ephemeral zero trust application networks for every user. Instead of connecting devices to each other, TransientAccess connects apps on those devices to each other, using isolated overlay networks built for every user. Devices, managed or unmanaged, are never trusted or connected to corporate networks. Coupled with granular access control policies and full visibility into application and user activities, It provides true zero trust access by using microcontainers that isolate trusted apps and provide application-level connectivity independent of the underlying physical network topology . Simple isn’t easy – we’ve done the hard work making ZTNA easy to deploy, integrate and use..

“Our customers value the simplicity of our approach to ZTNA. Our partnership with Citrix continues to deliver on that approach – a fast and consistent user experience across platforms that provides true zero trust security by connecting users to apps, from any device or location. This addresses key security concerns and will accelerate adoption of ZTNA, moving away from legacy approaches like VPNs”– Egemen Tas, TransientX founder and CEO.

Want to know more? Contact us or visit the Citrix Ready Marketplace.

Fully Protect your Microsoft Exchange server with TransientX

Protect Exchange with ZTNA

Hafnium attack a wakeup call to protect on-premises assets with true zero trust application access.

A Critical Problem To Address

On March 3, 2021 the US Government issued a rare directive to mitigate vulnerabilities with on-premises Microsoft Exchange servers because of a widespread hack by a state-sponsored group Microsoft calls Hafnium. With 43% of all Exchange mail accounts managed on-premises, and more than 30,000 servers in the United States alone, the risk of Chinese hackers obtaining invaluable data from these at-risk servers is the new info-pandemic

The underlying reason why this hack is so widespread is simple: Businesses have cracks in IT infrastructure that permit hackers to violate two key tenets of IT security:

  1. Protect the servers: Block bad-actors from access to the enterprise data center or private cloud where the apps and data reside
  2. Protect the data: Prevent end-users or malware on devices to exfiltrate data

Hackers have accessed Microsoft Exchange through publicly exposed paths, and back-door breaches have allowed them to access the server directly. To stop both risks, all access to the servers must be controlled. Specifically, unprotected access to these services must be stopped:

  • Outlook Web Access (OWA)
  • Microsoft Active Sync for mobile access
  • Microsoft MAPI over HTTP access for Outlook to access Exchange

VPN: You are still at risk

The first answer that may come to mind is to use a VPN. That unfortunately just kicks the can down the road. The VPN limits access to the data center only. However, any infected end-user device then just needs to connect via the VPN to OWA or the Exchange server. At that point, malware will have unfettered access

ZTNA: You could still be exposed

Many zero trust access services have arisen to limit user devices to only access designated servers. Said differently, if a user device uses Zero-Trust Network Access (ZTNA) and their infected device is accessing an application other than Exchange, they will not be able to reach Exchange and infect the server. This is fine if the user is not using Outlook or OWA. If they are, once Outlook attempts to access Exchange, most ZTNA solutions will treat this as a legitimate access request and open the path to Exchange. Then, malware on the device will likewise have a clear path to Exchange!

TransientX: The only Zero Trust solution to prevent Microsoft Exchange Server infections

The only fool-proof way to protect enterprise-managed on-premises Microsoft Exchange servers is via TransientAccess, the next-generation Zero Trust Application Access solution from TransientX. 

TransientAccess delivers three distinct capabilities to prevent malware from ever reaching the Exchange server, for all access methods:

  • Hide the Exchange Server: The server IP addresses, and DNS names are never published or visible. The TransientAccess virtual network dynamically maps virtual addresses to the real address, with different mappings per user and per server. Malware looking for these servers cannot find them because they are camouflaged. By preventing this potential east-west traversal, malware is blocked from attacking the servers.
  • Connect the app to the Exchange server: TransientAccess is unique in the market in its ability to securely wrap any application, including browsers and Outlook, in an isolated workspace to limit its available network destinations. Therefore, malware cannot reach the enterprise data center without infecting Outlook itself, or the browser directly.
  • Secure the browser and Outlook from malware: The TransientAccess secure micro-container protects applications from malware. When the user activates their browser to reach OWA, or uses Outlook, the secure micro-container prevents malware from affecting the application. This means that as long as the browser or Outlook are protected by TransientAccess, malware cannot reach or infect Exchange servers.
Protecting Microsoft Exchange with Zero Trust Application Access
Protecting Microsoft Exchange with Zero Trust Application Access

Below is a comparison between VPN, basic ZTNA, and TransientAccess:

VPNZero Trust Network AccessTransientX- Zero Trust Application Access
Protect Data Center and cloud
Controlled Access
Prevent Malware from accessing Exchange
Prevent users from copying, downloading data
VPN vs ZTNA vs Zero Trust Application Access with TransientAcccess

Visit  www.transientx.com for more on zero-trust network access or go here to get TransientAccess now for free!

Zero Trust, Zero Cost – Free

TransientAccess ZTNA free

Who doesn’t like free stuff?

Everyone does, right? Then good news. We’re making zero trust network access (ZTNA) zero cost (free!) for organizations with up to 20 users.

That’s right, we’re bundling all the core features and protections you want in true zero-trust network access solution – enterprise-grade end-to-end security coupled with Zoom-like ease of use. Free Zero Trust Network Access for up to 20 users with up to 5 devices each

Windows, Mac, Android or iOS – we’ve got you covered with the same cross-platform user experience on every device. We’re also including a connector for accessing legacy applications in your data center.

Go to our pricing page to get all the details of what’s included.

TransientAccess ZTNA free
TransientAccess ZTNA now free

Still not convinced? Contact us for a demo first and we’ll show you why TransientAccess is a true next-generation Zero Trust Network Access (ZTNA) solution. It builds ephemeral zero trust application networks for every user. Instead of connecting devices to each other, TransientAccess connects apps on those devices to each other. It uses isolated overlay networks built for every user. Devices, managed or unmanaged, are never trusted or connected to corporate networks. Coupled with granular access control policies and full visibility into application and user activities, it provides true zero trust access by using microcontainers that isolate trusted apps and provide application-level connectivity independent of the underlying physical network topology.

Simple isn’t easy – we’ve done the hard work making ZTNA easy to deploy, integrate and use.

TransientX Now a McAfee Security Innovation Alliance Partner for ZTNA

TransientX ZTNA with McAfee UCE

McAfee® MVISION Unified Cloud Edge (McAfee UCE) customers worldwide can now protect their private clouds with true zero-trust security from edge to cloud with TransientAccess  zero-trust network access (ZTNA).

We announced today the availability of TransientAccess ZTNA in the McAfee MVISION Marketplace,  as a McAfee Security Innovation Alliance partner.

McAfee Security Innovation Alliance (SIA) is the security industry’s most open partner ecosystem empowering customers to deploy technologies that facilitate faster innovation cycles, build a coordinated, unified defense, and deliver security-based business outcomes. This drives a new era in security where all components come together to work as a single cohesive system, regardless of vendor or underlying architecture.

By integrating with McAfee UCE, TransientAccess delivers seamless ZTNA for UCE customers, rounding out a SASE solution from the endpoint to the Cloud. McAfee UCE customers can provision this powerful ZTNA solution from TransientX with a few clicks of a mouse from within the MVISION Marketplace

For joint customers the benefits are:

  • Integrated, seamless security from the endpoint to the cloud.
  • With ZTNA, secure the “last mile” with user-to-app connectivity to the Cloud – no more VPN. Any app, anywhere.
  • Secure Workspace Isolation – users can use any application, or browser to perform their enterprise roles, with secure, containerized sessions
  • Full DLP – watermarking to prevent screen capture, no unauthorized copy/paste, or downloads of sensitive data
  • Use any device – The containerized Workspace mitigates risks associated with compromised endpoints, enabling the use of even unmanaged devices

TransientX offers a next-generation ZTNA solution which builds ephemeral zero trust application networks for every user. Instead of connecting devices to each other, the TransientAccess service connects local apps on those devices to their servers, using isolated overlay networks built for every user. Devices, managed or unmanaged, are never trusted or given direct access to corporate networks. Coupled with granular access control policies and full visibility into application and user activities, the solution provides true zero trust access by using microcontainers that isolate trusted apps and provide application-level connectivity independent of the underlying physical network topology. Simple isn’t easy – we’ve done the hard work making ZTNA easy to deploy, integrate and use.

“McAfee believes security is best served by ‘together is power’,” said Javed Hasan, Global Head, Product Strategy and Alliances at McAfee. “We’ve invested in an open approach for our platform to deliver top quality integrations. Adding TransientX as a ZTNA provider, sharing posture information from our massive endpoint security base, provides customers with the best option for their environment, enhancing their deployment with valuable intelligence from the McAfee ecosystem. Together with SIA partners like TransientX, we are strengthening security for the critical apps that enterprises rely on every day.”

McAfee Security Innovation Alliance is the security industry’s most open partner ecosystem empowering customers to deploy technologies that facilitate faster innovation cycles, build a coordinated, unified defense, and deliver security-based business outcomes. This drives a new era in security where all components come together to work as a single cohesive system, regardless of vendor or underlying architecture.

“Our customers value the simplicity of our approach to ZTNA. Our partnership with McAfee continues to deliver on that approach – a fast and consistent user experience across platforms that provides true zero trust security by connecting users to apps, from any device or location. This distinct approach addresses key security concerns and will accelerate adoption of ZTNA, taking key steps toward network transformation”– Egemen Tas, TransientX founder and CEO.

McAfee MVISION UCE with TransientAccess ZTNA
McAfee MVISION UCE with TransientAccess ZTNA

Want to know more? Contact us or download TransientAccess for free here.

How Caglayanlar Secured Remote Access with McAfee UCE and TransientAccess

McAfee UCE and TransientAccess ZTNA

Caglayanlar, a leading automotive parts distributor, stopped critical data leakage and secured remote access with McAfee® UCE & TransientAccess ZTNA

Caglayanlar, a Turkish automotive parts distributor, was struggling to provide secure remote access to employees and business partners, losing critical business data to competitors. We did a case study on how Caglanyar achieved true edge-to-cloud SASE security with McAfee UCE and TransientAccess ZTNA.

Collecting, analyzing and prioritizing logs consumed many hours that the IT team could ill afford to spare. The team had to constantly review the security status of devices such as mobile phones and personal computers connected to the company network. In addition, the company faced a problem of password sharing by its dealers, and by extension
information that was intended only for a specific dealer. This situation was a challenge for the company, bypassing many security measures and leading to data leakage to unrelated parties.

Preventing Data Leakage

To prevent data leakage, the IT team had to manually analyze the situation, identify the resellers who provided such access and restrict their access. At that stage, it was not possible for the IT team to provide a view through a common portal to review and manage security logs. In such situations, the logs on different devices and on different days had to be examined separately. These devices included remote access VPN devices, firewalls and hardware such as switches and routers. Such an approach both consumed a lot of time and required the technical expertise of the staff to cover all devices. This situation made it impossible to manage against such threats with limited resources and personnel for the company and left the company exposed.

Data Privacy and Compliance

Data privacy and protection regulations like GDPR and KVKK (Turkish regulations similar to GDPR) compelled Caglayanlar to review its information security practices and the importance of protecting employee and customer data. The automotive sector has become increasingly complex, and this was reflected in the security challenges faced by
Caglayanlar. They elected to find a trusted partner in Turkey, DemirBT. DemirBT brought their expertise to the table in a joint consultation to create a safe end-to-end computing environment for Caglayanlar.

“Easy-to-use TransientAccess integrated with McAfee UCE allows us to automate our defenses much more. We can do tasks automatically faster and easier, so we can use our team’s resources where they can add the most value.”

-Sinan Güner, Deputy general manager

McAfee MVISION UCE and TransientAccess:

Solving critical infrastructure and remote access challenges.

With DemirBT, they carried out POC studies with many product alternatives and decided on McAfee MVISION, McAfee’s Device-to-Cloud security platform, including McAfee Unified Cloud Edge (McAfee UCE) and TransientX’s TransientAccess Zero Trust Network Access (ZTNA) product. With its product range, McAfee MVISION solved the problem of data leakage on end user devices with McAfee DLP and disk encryption products, and provided solutions to manage them on a single pane of glass. Complementing the McAfee MVISION solution, TransientX’s TransientAccess product for remote access ensured employees, dealers and business partners could access their applications and related critical data remotely without having to expose them to the internet. They also made sure that the dealers could access their applications only from the devices defined for them by the TransientAccess policy.

Conclusion

This powerful and comprehensive suite replaced legacy manual efforts that Caglayanlar had used in the past. The combined solution used McAfee MVISION DLP with Disk Encryption and TransientAccess to defend against emerging and targeted attacks. This combination mitigates all data stealing and malware attempts as well as fraud attempts by rogue dealers.

Read the full case study here .

If you’re running McAfee UCE, TransientAccess is available on the MVISION Marketplace .

Or you can start for free here.

How a leading MSP delivers secure monitoring with TransientAccess ZTNA

Cyflare’s One Converged Security Platform (formerly SOC In A Box) service deploys managed appliances to end user networks via their channel partners. Cyflare needed a better way than SSH to securely remotely manage the devices.

Secure Access: SSH vs ZTNA

Cyflare has hundreds of appliances deployed to customers globally for remote security monitoring and management services.

While looking for a product to replace the default SSH access for appliance administration, Cyflare found TransientX’s TransientAccess. Cyflare’s goals were to:

  • Implement a zero-trust model
  • Move away from SSH
  • Limit access to only the minimum resources allowed to the people that needed
  • Reduce support overhead

The default manner of remotely managing the Cyflare appliances was via SSH. This came with a host of usability and security challenges. SSH was complicated to set up securely and manage, hampered by a lack of knowledge by partners and customers.

Now they simply login through the TransientAccess disposable container client. Policies set by Cyflare ensure they have visibility only to the appliances they are allowed to access. Cyflare automated a simple provisioning process that sclaes and enforces the least privilege principal for who can access what.

“Moving to TranstientAccess allowed us to focus more on our core services and worry less about the risk of a breach. Implementation of the solution is simple and requires no involvement from our customers. We practice what we preach, delivering for our customers a security management and monitoring solution that is itself truly secure from end to end. “ -Evan Hausle, Director of Sales Engineering”

As part of their search for a solution, Cyflare explored how they could implement true Zero Trust Network Access.  Moving to VPNs were not an option as that would have created a whole new set of security issues. As part of the move to ZTNA, Cyflare was able to discontinue some legacy VPNs in place for other uses.

ZTNA Solution Evaluation: Transient Access

They evaluated other ZTNA solutions on the market, but found shortcomings with all the alternatives. Some products were:

  • Cloud-only
  • Passed traffic through their own systems (creating regulatory and compliance issues
  • Limited to only web-based applications.

In addition to the technical advantages of TransientAccess, Cyflare selected TransientX because of the confidence in the team and the level of support they received.

In addition to the requirement of replacing SSH, another requirement for Cyflare was to host their own Controllers in order to deliver flexible provisioning for partners. The ease of deployment and support for different deployment options was another key factor in selecting TransientAccess.

Read the full case study here or contact us to try it out for yourself.

How a Global Paint and Chemical Company Secured Remote Workers with TransientAccess ZTNA

Betek, with 2000 employees in 16 countries, chose TransientAccess to replace its legacy VPN with Zero-Trust Network Access (ZTNA), allowing them to use remote clients, SAP in particular, with confidence.

While looking for a product to replace their current VPN solution and secure remote workers, Betek found TransientX’s TransientAccess based on a recommendation from their partner, Maya ICT, one of Turkey’s leading MSSPs. Maya ICT had already incorporated TransientAccess into their cloud security offering for customers. Betek’s goals were to:

• Implement a zero-trust model
• Secure remote workers with ZTNA and eliminate the VPN
• Provide granular control of remote network access between offices
• Provide secure access by 3rd parties to in-house SAP apps without a VPN
• Implement micro-segmentation of critical apps
• Create and manage application-based user policies within minutes
• Support private cloud and hybrid architectures

As part of their search for a solution, Betek explored how they could implement microsegmentation in their critical applications for the company with their existing systems, but they could not fully support this for end users. Managing the many different user profiles in order to partially control access to their VPNs was time consuming and difficult.
This solution was not scalable and was difficult in terms of change management. Moreover, they had to support a wide variety of their customers’ IT architectures, including private cloud and hybrid architectures.

” TransientAccess is very easy to use, but the main benefit is that it provides very powerful control with the features it provides.
They made it possible to define a variety of policies for different groups with different needs. We could not find any other alternative system that met our needs as we define various policies for all our users. It provides security so easily.” -Feza Zengin,
IT Manager at Betek.

Read the full case study here or contact us to try it out for yourself.

Zero Trust Network Access: What and Why?

Legacy NAC and VPN for accessing corporate networks

ZTNA, NAC, SDP, RDP, VPN: Making sense of the remote access alphabet soup.

Zero Trust Security is a hot topic and with good reason. But what does it really mean in practice, when applied to solving remote access security challenges? In this post we provide an introduction on Zero Trust Security as it applies to Network Access (ZTNA) to help sort it out.

Before Zero Trust, a user or device was validated as having the correct credentials and the right to access the network. Once that step was complete the user or device had a wide open path to the network and resources. To mitigate the risk that a valid user would access systems they weren’t supposed to, role-based access control (or RBAC) was implemented. In theory this worked in conjunction with least-privileged access (the Principle of Least Privilege or PoLP) so that users were only granted access to the resources they needed and nothing more.

VPNs – Virtual Private Networks – are the ubiquitous technology for providing remote users access to enterprise resources. However, they are a network-layer technology, meaning that once the user is validated and logged in, the user’s device now has an open network connection to the corporate network. To mitigate the security risk of this open pipe, in addition to RBAC and PoLP, enterprises deploy Network Access Control (NAC) to verify first that a given device has the correct security posture – is the device allowed, independent of the user? Does the device have up to date AV running and passed a scan? And so forth.

VPN
Legacy NAC and VPN for accessing corporate networks

Once a user logged in to the VPN client, and his device passed the NAC security check, one of the most common resources accessed are remote desktops, most often with Remote Desktop Protocol or RDP. Although it is a proprietary Microsoft protocol, it does have cross-platform support for non-Windows devices.

That in essence is the technology stack most widely deployed in enterprises today to enable remote access: VPN clients where devices are validated by NACs. Users are granted access based on RBAC, PoLP to resources, including remote desktops over RDP.

Zero Trust Network Access (ZTNA) offers a simpler, more secure alternate vision. ZTNA turns the existing paradigm on its head – rather than open up a wide open pipe and then retroactively find ways to narrow it down, ZTNA assumes no device or user should be trusted, and no access granted by default except that explicitly required only for the duration required.

This is critical in a world where there is no fixed perimeter any more, but rather a software-defined perimeter (SDP).

TransientAccess takes ZTNA and SDP a step further, delivering true app-to-app connectivity over disposable networks. That is, there is never a device to device connection, nor is a user validated for anything more than what the user needs access to for the time the user is accessing it.

TransientAccess Zero Trust Network Access
TransientAccess Zero Trust Network Access

TransientX has a unique approach to Zero Trust Network Access (ZTNA):

  • A lightweight agent, creating a disposable virtual network connecting the local app to the enterprise resource on-prem or in the cloud.
  • A “Transient Virtual App Network”

This approach means TransientX can deliver on the promise of truly secure remote access for an organization’s workforce and business partners. Learn more in our intro video, contact us to get TransientAccess now or scroll below for further reading:

Further Reading:

https://transientx.com/content/zero-trust-network-access.html

https://transientx.com/content/zero-trust-network-access.html

References:

https://en.wikipedia.org/wiki/Principle_of_least_privilege

https://en.wikipedia.org/wiki/Role-based_access_control

https://en.wikipedia.org/wiki/Virtual_private_network

https://en.wikipedia.org/wiki/Remote_Desktop_Protocol

https://en.wikipedia.org/wiki/Software_Defined_Perimeter

Delivering a Unified TransientAccess User Experience

TransientAccess User Experience (UX)

For users, a consistent UX across all platforms and devices

TransientAccess provides a consistent user experience across all platforms: Windows, Mac, iPad, Android and iPhone. We’ve produced a short video showing how TransientAccess delivers radically simple Zero Trust Network Access (ZTNA) with the same UX across all devices and platforms, whether the devices are managed or unmanaged.

Ease of use, simplicity, performance and consistency are security factors. Nothing will motivate end users faster to bypass security controls than poor UX or degraded performance. With the TransientAccess user experience, the user sees no performance degradation vs VPN and has no learning curve as they switch platforms and devices.

See more here and contact us if you’re ready to try for yourself: