For many years, the increased perception of cybersecurity threats has translated into an increasing number of security products deployed inside an organization, typically from different vendors, across the many layers of the technology stack.
Besides the obvious financial impact, this traditionally had two rather nasty consequences: a disproportionate amount of access credentials necessary to access the management interface of each product, and a significant configuration overhead needed to make the product consoles available to selected privileged users across company networks.
Security products then started adopting standard identity protocols (e.g. RADIUS, LDAP) to enable central access and role management within their products using traditional user directories, but these technologies are now being displaced by cloud native alternatives which are not, or not totally, retro compatible. Cloud workloads and remote working have also stretched company perimeters far beyond the local premises, which propelled the adoption of secure network solutions to provide site-to-cloud connectivity and access to corporate resources from remote.
Forcepoint recently announced Forcepoint Advantage which gives customers access to all Forcepoint products with a simple, flexible, subscription-based pricing model. This means it is even more important to be able to deploy and manage a fleet of Forcepoint solutions with the same credentials and with the same simplicity of access a customer would have when managing a single converged on premise solution: this is exactly what our integrations deliver, using Azure Active Directory secure hybrid access together with Forcepoint DLP, NGFW and Behavioral Analytics.
Azure Active Directory secure hybrid access
- Azure Active Directory secure hybrid access enables secure remote access to on-premises web apps using Azure AD as identity source and Application Proxy.
- Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. It provides centralized user management and advanced security capabilities, including Conditional Access, identity protection, and multi-factor authentication, to help protect your legacy apps as a lightweight component to securely connect to claims-aware on-premises web apps without a VPN.
- Azure AD’s Application Proxy provides secure remote access to on-premises web applications. After a single sign-on to Azure AD, users can access both cloud and on-premises applications through an external URL or an internal application portal.
Here’s a diagram of the Azure building blocks working together:
Forcepoint DLP, NGFW and Behavioral Analytics
Forcepoint DLP provides visibility and control of sensitive data across cloud applications, network storage, email, and web in a single console. Forcepoint DLP accelerates your compliance efforts by combining pre-packaged coverage of global regulations across your IT environment, and efficiently secures sensitive customer information and regulated data so you can confidently prove ongoing compliance.
Forcepoint Next Generation Firewall (NGFW) connects and protects people and the data they use throughout the enterprise network – all with efficiency, availability, and security. Trusted by thousands of customers around the world, Forcepoint network security solutions enable businesses, government agencies and other organizations to address critical issues efficiently and economically.
Forcepoint Behavioral Analytics enables security teams to proactively monitor for high-risk behaviour inside the enterprise. Our security analytics platform provides unparalleled context by fusing structured and unstructured data to identify and disrupt malicious, compromised, and negligent users. We uncover critical problems such as compromised accounts, corporate espionage, intellectual property theft, and fraud.
Integration with Azure AD secure hybrid access
Forcepoint developed three integrations that provide customers of Forcepoint DLP, NGFW and Behavioral Analytics with the capability to use Azure AD as identity source and to expose the web management consoles as Azure Apps. These two capabilities deliver integrated authentication for Azure AD users and make the management consoles available remotely without the need to leverage VPN solutions and with the increased security layers provided by the authentication policies and steps configurable within Azure AD.
The diagram below shows an example of the workflow between the components involved into one of the three integrations:
Watch the videos to learn more about the technical implementations. In each one, you will see a live demo of how the building blocks are deployed and how Azure AD users can seamlessly authenticate to the Forcepoint products locally and through their Azure App.
Forcepoint DLP video:
Forcepoint NGFW video:
Forcepoint Behavioral Analytics video: