6th April 2021 Secure access with VMware

Before remote working became the norm, the most common practice was to use VPN concentrators at business data centres. But now that business-critical applications are being moved to the cloud to allow large numbers to work remotely, this is no longer sufficient to ensure secure and safe working.

We look at how by combining VMware Workspace ONE and VMware SD-WAN, VMware Secure Access brings remote users into the fabric of the business without VPN. Using secure gateways, this both greatly improves the user experience and reduces costs and IT resources for businesses.

Why VPN isn’t enough

In the traditional VPN model, remote and mobile user traffic would have to travel across the internet to the data centre, before being sent back out to the internet for pick up, creating latency issues. This may have been ok for occasional use but it’s simply not good enough for an entire workforce.

Moving to the cloud

To counteract this, businesses have moved to the cloud. This helps the issue of latency when accessing applications and SaaS but exposes the traditional security models. To provide exceptional user experience whilst also ensuring it is secure for the business and its workers can be costly.

VMware solutions

VMware Workspace One is the ideal solution for a distributed workforce. It only allows trusted devices and users to access applications, whether hosted on-premises or on the cloud. Each user is mapped wherever they are situated, which helps IT maintain the users and reduces operating costs.

SD-WAN gateways

SD-WAN works by optimising through a number of gateways, providing users with a consistent and secure cloud experience when accessing applications. Whether hosted at the data centre or on the cloud, the gateways deliver easy, automated access to any application.

VMware Secure Access

VMware Secure Access combines VMware Workspace ONE and VMware SD-WAN, bringing off-premises users into the enterprise VMware SD-WAN fabric. This lets all remote users access applications without latency and hairpinning, delivering the security and benefits of cloud solutions.

Zero trust models

With traditional VPN security models, remote workers were able to access any resource, including cloud applications that were outside the network. Workplace ONE implements a Zero Trust security model to help address digital transformation of any users accessing applications from anywhere.

Workspace ONE UAG

Workspace One Unified Access Gateway (UAG) secures and manages access to applications for all types of users, often deployed within demilitarized zones (DMZ). With UAGs located closer to where the users are, latency issues are greatly reduced whilst ensuring secure access.

The cost of remote access

But deploying UAGs in multiple and remote regions is not an easy task. Businesses must acquire a regional hosting presence, deploy their own networking, computers, bandwidth, and purchase maintenance contracts. This all requires time, resources, expertise and will increases costs.

The flexibility of SD-WAN

Fortunately, VMware SD-WAN users today have access to a network of thousands of gateways deployed worldwide. These can position the user milliseconds away from a gateway, enabling a smooth application experience optimised by VMware SD-WAN Dynamic Multipath Optimization.

Security and cost saving

This SD-WAN model creates an ultra-efficient structure to work from with improved application performance. This saves businesses on the cost of purchasing additional bandwidth. Plus, internet traffic does not enter the business network, protecting it from attacks and user privacy breach.

Multi-region support

Remote workers from certain regions know the challenges of finding a VPN concentrator close to their location, and it comes at a high cost for businesses to deploy one. VMware Secure Access supports multiple regions with its distributed Service Nodes in the US, Europe and Asia.