Remote.it takes steps toward zero trust with ‘single line of code’ provisioning
Network management company Remote.it today announced new features for its core SaaS-based service, including support for the Okta user identification platform and Docker containers, and what it’s describing as “programmatic deployment” of zero trust networks.
Essentially, the company said, the idea is to provide automated provisioning and deployment of network access to managed assets — using a small, 80KB daemon designed to run on almost any hardware to hook into the TCP/IP stack and create a connection with Remote.it’s systems. The company’s own cloud then automatically configures the connection, without any requirement of input from IT staff.
“Let’s say [an asset] is making a connection to something in Finland,” said CEO Ryo Koyama. “The [agent] makes a request, our systems validate and authenticate, and we send down information to both points that has routing information and encryption keys.”
Beyond a simple reduction in workload, according to Koyama, the system comes with powerful security advantages — particularly with the use of a new tagging feature, which lets IT teams create tags for specific categories of users and assets with particularized access to other “tags.” This is more potent than simply using a VPN to protect organizational resources.
“Usually, [with a remote asset], people have to worry about protecting the sub-node address space,” he said. “In our case, it’s all bound to localhost, and what that means is that even if the local area subnet is breached, no one can see any services running.”
Experts described this as a useful approach to network provisioning and security, but took issue with the idea that the company’s product represents a turnkey “zero trust” capacity. According to IDC research director Christopher Rodriguez, zero trust requires a wider set of competencies.
“I would think of this more as a microsegmentation solution,” he said. “[Zero trust] tends to be more of a VPN replacement.”
Rodriguez’ colleague, IDC research manager Philip Bues, said that the process of implementing zero trust security is a graduated one – and generally not a short one.
“Most organizations that have zero trust or are moving there, that’s a multi-year kind of movement,” he said. “Beyond the [core aspects], there’s this visibility and governance angle – one of the biggest keys to zero trust has to do with continuous assessment.”