More than ever before, users and applications no longer reside at the office. Organizations are managing a mobile and globally distributed workforce that needs access to corporate systems, applications, and data from outside the traditional network perimeter. In addition, cyberattackers are exploiting this situation with an increase in malware and phishing attacks aimed at remote workers.
Now, enterprise security teams are dealing with a much larger attack surface as well as online threats that are increasing in sophistication and volume. Many security teams do not have scalable security solutions that work together to provide deeper visibility and enhance decision-making efforts. Secure access and malware protection are the key components of a Zero Trust architecture and the building blocks of a secure access service edge (SASE) framework. The best approach for a secure workforce is to enable access visibility and control, and integrate threat protection into that visibility.
To enhance Zero Trust network access, Akamai is introducing new functionality within Akamai Enterprise Application Access that leverages the endpoint protection capabilities of CrowdStrike. Better together, Akamai and CrowdStrike enhance the usability within the Akamai Enterprise Application Access and Enterprise Threat Protector solutions.
Enterprise Center is an all-in-one portal for you to easily manage Enterprise Application Access and Enterprise Threat Protector (Enterprise Defender) together, with a consistent user interface and improved efficiency. Administrators gain deeper visibility and a comprehensive view of all data in one location, and can customize dashboards and widgets to make better decisions about securing access and protecting users.
One of the key components in determining secure access decisions is the receipt of threat signals from devices — knowledge of a potentially compromised device leads to better access decisions for the user assigned to that device. Enterprise Application Access is an easy-to-deploy, cloud-delivered service that empowers secure, high-performance access to applications, bypassing the need for network access. It provides secure identity, single sign-on, multi-factor authentication, and monitoring capabilities for applications. It also enables access decisions based on user identity and contextual signals such as time of day, location, specific URL, and HTTP method.
Enterprise Application Access has device posture capabilities for administrators to evaluate a device for compliance and threat assessments before allowing access to sensitive applications. This information can then be used to create rules and policies. Users can be categorized as low, medium, or high risk, giving administrators the ability to finely tune application access rules based on user context.
Assessing devices based on risk profile allows administrators better and more granular control to ensure security requirements are met before application access is granted. Administrators can further simplify intelligent access decisions with risk assessment device tags. Rules can be written to classify a set of devices with defined requirements into a specific tag. Akamai integrates our own threat signal functionality within Enterprise Threat Protector, as well as third-party solutions to expand the threat signals we collect and provide to administrators.
Our newest partnership and integration with CrowdStrike now enables Enterprise Application Access to independently verify that the CrowdStrike Falcon sensor is properly installed and fully operational on a device. This risk assessment information enriches existing context and delivers more intelligence for enhanced secure access to corporate applications.
The CrowdStrike Falcon sensor sends data to the CrowdStrike cloud. Enterprise Application Access device posture functionality, configured with the user’s credentials, can access this information on the Falcon platform on the user’s behalf. Akamai utilizes these Falcon-delivered signal values to classify devices as medium or high risk for additional information on whether to block or allow application access. This enables increased application security and prohibits devices with poor security posture from accessing enterprise applications.
You can easily configure this new functionality by entering relevant details from the CrowdStrike Falcon console into Enterprise Application Access. The integration enables granular visibility for the Falcon agent within Enterprise Application Access including the version of the sensor, as well as identifying information about the endpoint and the user. In addition, the sensor health is checked based on the recent CrowdStrike sensor-to-cloud communication, and details regarding the timing are provided for deeper threat visibility. You can also create reports within the Enterprise Application Access console for users with CrowdStrike Falcon managed endpoints.
To learn more about Akamai’s approach to a Zero Trust architecture, go to akamai.com/zerotrust.
There will be more opportunities to engage with us on this and more at Edge Live | Adapt. Sign up to see how customers are leveraging these improvements, engage in technical deep dives, and hear from our executives how Akamai is evolving for the future.
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Beth Barach. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/xrt2f2isc-s/better-together-akamai-enhances-zero-trust-network-access-with-crowdstrike.html