Axis Security, a provider of cybersecurity services focused on zero trust, has announced a set of new features on Atmos ZTNA (zero trust network access), the software-defined network access module within its cloud-native SSE (security service edge) platform, atmospheres
Additionally, the company has revealed a suite of tools to help companies migrate from traditional ZTNA to Atmos’ ZTNA service.
“ZTNA 1.0 lacked support for legacy network protocols, few even failing to inspect private traffic,” says Gil Azrielant, CTO and co-founder of Axis. “Atmos ZTNA supports all ports and protocols to fully replace VPNs. Additionally, the multicloud architecture with the new features added makes Atmos ZTNA the most highly available, and scalable ZTNA solution.”
The additions to Atmos ZTNA come shortly after the company’s formal release of Atmos in April as a cloud-native alternative to data center-based, legacy network architectures and SSE platforms. Other modules on Atmos’ SSE include a secure web gateway (SWG), cloud access security broker (CASB), and a custom dashboard monitor into network data.
Atmos ZTNA, on launch, offered connectivity through its 350 Atmos edge facilities running on the backbone of global cloud services such as AWS Global Accelerator, Google Cloud Platform, and Oracle.
Atmos ZTNA includes automation enhancements
Atmos ZTNA has now onboarded several “hyperintelligent” features that provide an edge over legacy ZTNA solutions, adds Azrielant. One of these features includes leveraging telemetry data gathered from identities, devices, and connectors to allow multicloud point of presence (PoP) resolution for the selection of the most optimal connectivity path and autoselecting between AWS, Google, or Oracle PoP for brokering.
Also added using this continuous telemetry is an autosession termination capability to terminate live sessions if an identity or user group changes take place. The telemetry now powers the “live” device posture status added on the Atmos dashboard to help IT admins autodetect jailbroken end-user devices, the company said.
New features in Atmos ZTNA also include a domain discovery tool that helps auto-discover additional unknown related domains every time a new application is onboarded, to allow adding to the application’s existing policies.
“One of the biggest goals we wanted to accomplish was to make onboarding new apps extremely easy for customers,” adds Azrielant. “With this tool, the admin simulates access and behavior in the new web application as the system learns the domains, compiling a list of additional domains. The list is then presented to the admin for approval, allowing the admin to select the domains to add to the application’s configuration.”
Additionally, Atmos ZTNA has added a user group pairing capability to define the IP ranges and destinations specific user groups have access to, providing granular segmentation and control through a master override of any other default policies to achieve “true least-privilege access,” according to the company.
Rounding out the enhancements are a set of new PoPs Axis has added in San Jose, Phoenix, North Virginia, London, Frankfurt, Jerusalem, Hong Kong, and Sydney responding to increased customer demands. Axis also revealed a new “PoP desert” initiative to add customers as design partners to discover geographic areas for deploying new Atmos PoPs.
Axis adds migrations tools and a buyback program
Axis outlined many problems with ZTNA 1.0 solutions, calling them inadequate to support legacy protocols like voice over internet protocol (VOIP), internet control message protocol (ICMP), and Application System AS/400.
Atmos ZTNA, being a cloud service, supports all ports and protocols (including VOIP, ICMP, and AS400), adds Azrielant. “It also provides agentless support for secure shell (SSH) protocol, remote desktop protocol (RDP), Git, and databases. This allows for full VPN replacement.”
To allow enterprise teams to migrate from legacy ZTNA applications to the Atmos ZTNA service, Axis has added a suite of tools it claims to be “industry first.” The migration tool takes application segments developed in Zscaler Private Access (ZPA) and converts them to Atmos ZTNA applications. Customers can then use the service’s policy system to define policies within a few minutes, Axis said.
All of the new tools and Atmos ZTNA enhancements are generally available now.
Additionally, Axis has launched a ZTNA buyback program, giving ZTNA application customers up to six months of free service when they replace their ZTNA service and agree to a three-year Atmos Core Edition subscription.
Copyright © 2022 IDG Communications, Inc.