Advanced VPN solutions for the cloud
Unmatched security combined with exceptional flexibility
In recent years, the cloud has helped IT security networks prepare for digital transformation in a flexible way. Technology and standards such as SASE, Single Sign On, SD-WAN or Zero Trust have opened up new possibilities for remote access today. However, potential attack vectors are also increasing due to advances in networking technology. Cloud solutions in companies must therefore be as secure as on-premise infrastructure.
NCP is ready to meet this challenge with enterprise VPN products designed with users, companies and service providers in mind.
How does VPN from NCP integrate into a software-defined area network?
An SD-WAN (Software Defined Area Network) is basically a distributed computer network that connects company sites in many different locations in an intelligent way. Connecting many sites and networks requires a very high level of security to protect the network against attackers. The software-based VPN solutions from NCP protect the SD-WAN.
The network is protected by combining an NCP Virtual Secure Enterprise VPN Server (vSES) as a gateway and NCP Secure Enterprise Managements (SEM) as a management system. In this case, the gateway is not located directly in the cloud, but forms a secure environment directly on the server behind the firewall. Administrators use NCP Secure Enterprise Management to manage all security-related tasks centrally for the SD-WAN. This ranges from user and device authentication, firewall configurations and central update management to multi-factor authentication and endpoint policy checks, which check every login attempt and security on end devices.
What role does NCP software play in a SASE setup?
SASE (Secure Access Service Edge) is a network architecture that combines WAN services and security functions such as Zero Trust or VPNaaS (VPN as a Service) in a cloud-based solution.
NCP's managed enterprise VPN solutions deliver the right IT security partner for the SD-WAN. As a 100% software-based VPN product, the NCP solution can be operated completely flexibly in the cloud and transmits data via an encrypted connection to the company network. All data is transferred via an IPsec tunnel, which ensures maximum security at high speeds.
How does NCP software work with an SSO/SAML configuration?
Security Assertion Markup Language (SAML) is an open standard that supports using and verifying credentials for multiple websites. Users can log into different web-based applications with a single account, eliminating the overheads of managing several accounts. This concept is also known as Single Sign On (SSO).
NCP Gateway and Secure Enterprise Management can be understood as the entry point for cloud remote access via SAML. Our solution takes on the role of an authentication provider (AP) in this process. Once the user login request through the SSO portal has been verified, the NCP client establishes a VPN tunnel. The tunnel can be used by internal services, and external cloud applications can be routed dynamically past the tunnel by using the NCP VPN Bypass or Application Based Tunneling features. Thanks to IPsec encryption, all connections to the company network are perfectly secured.
How are you secured by Zero Trust security from NCP?
Zero Trust is a general IT security approach that no longer blindly trusts users and maintains the principle of least privilege. Users are only granted access to the data they need to do their work.
NCP’s software-based solutions for secure communications are built on Zero Trust. Unlike other VPN products, NCP offers holistic network security, rather than just a secure connection to the company network. With NCP Secure Enterprise Management (SEM) IT administrators can configure access rights for user groups and individual users granularly. Through centralized access management, the NCP solution fits seamlessly into the Zero Trust principle.
Read more about Zero Trust security from NCP.
The benefits of the cloud-based VPN from NCP at a glance.
Benefits for companies and users:
- No investment in hardware, software and expertise
- Benefits of several cloud technologies in one solution
- Rapid implementation of VPN projects
- Low cost per month thanks to flexible licensing models
- Device security through integrated personal firewall in VPN client
- Support for all major operating systems
Benefits for providers:
- Software-based, virtualisable VPN solution – easy integration of other service providers, such as storage providers
- Supports all modern cloud technologies
- Quickly deploy to a private cloud
- Maximum scalability
- Central VPN management - single point of administration
- Powerful change management
- High degree of compatibility
- End-to-site VPN security
- Cost-effective operation and administration