Kemp, the always-on application experience (AX) company, today announces the launch of its Zero Trust Access Gateway (ZTAG) architecture to simplify the introduction of a zero-trust model for securing published workloads and services. The Kemp ZTAG solution is comprised of a suite of proxy, authentication, access logic, and automation capabilities that helps customers apply zero trust logic to load balanced web-based applications.
The increase in work-from-home, hybrid cloud, BYOD, and IoT blurs the border between what is on premises and what is beyond the perimeter. This raises new challenges around maintaining compliance and a consistent security posture without detriment to the easy access to services for users. IT organizations must respond to the expanding network edge while finding reliable ways of providing secure application access to users.
Load Balancers as Zero Trust Engines
As the primary termination endpoint for published applications, load balancers are optimally positioned to contribute to a comprehensive zero trust model. The Kemp Zero Trust Access Gateway architecture enables Kemp LoadMaster deployments to protect critical applications by applying active traffic steering based on customer location and the security zone level of backend services. Service access is determined based on characteristics such as security group membership, source network and information embedded in the HTTP communication. A Policy Builder based on Kemp’s full-featured API allows for automated and streamlined creation and application of ZTAG configurations.
“Zero trust is the future of application access and continues to gain traction for customers,” said Jason Dover, VP of Product Strategy for Kemp. “Kemp is leveraging the privileged position of the load balancer combined with our extensible automation framework to help customers simplify the introduction of a zero trust model into their application ecosystem.”
Integrated Approach for Zero Trust
Since a connecting client that appears to be safe may change state if compromised, combining initial access and authentication with ongoing verification at the upper layers of the application stack is critical. When enabled, Kemp’s embedded web application firewall (WAF) and intrusion prevention system (IPS) inspects authenticated client traffic for violations and prevents exploits from being carried out by threat actors. Integration with IP reputation sources further prevents known adversaries from ever gaining access to protected applications.
Unlike other zero trust approaches, Kemp provides the added benefit of deep network telemetry which enables detailed insights on protected application services. When coupled with Kemp’s on portfolio of network visibility products network and security operators are enabled to get ahead of performance and threat issues that could negatively impact application experience.