The ZafePass DNA

Where does all this come from ?

ZafePass may stand out as the new kid in the class, but nothing could be further from the truth, we have been developing and maturing the technology and methods used in ZafePass since ancient times (technologically speaking).

We were participants in the days of the Jericho forum in 2004 and have been promoting de-perimeterisation and been developing methods for it ever since.

We are also no newcomers when it comes to the design framework of Zero-Trust, more specifically – we have been working with that exact model since before John Kindervag coined the term in 2010 and Chase Cunningham defined ZTNA in 2012/2013, not that suddenly makes Zero-Trust our “invention”, because it certainly isn’t.

3D DNA strands on an abstract background

Why it matters now

In 2015 we launched our first generation. The market wasn’t ready: VPNs and broad ACLs still dominated.

Back in those days however, there was not really many other solutions promoting Virtual Private Connectivity (VPC), Software-Defined Wide Area Network (SD-WAN), Software Defined Perimeter (SDP) or Secure Access Service Edge (SASE), back then VPNs and SSL-VPNs was king and the de-facto way of securing remote access and trying to convince anyone otherwise proved to be so much of an uphill struggle, that those who tried was unsuccessful by large.

But we continued to develop and mature the technology and methods behind ZafePass.

Enter 2020 and the Covid19 pandemic, where suddenly employees was forced to work remotely and large scale deployments of VPNs for the enterprises was paramount for the companies survival, were we also saw an steep incline in companies compromised and their assets stolen, held for ransom and Intellectual Property suffering under industrial espionage, even in deployments of VPN infrastructure configured correctly according to the manufacturers documentation, simply due to a plethora of flaws in VPN- and access gateway implementations, still continuing to this day..

 

The Swiss army knife

Zafepass does not really fit into any single category, as ZafePass implements a complete integration of many of the systems needed for securing remote access AND does also provide functionality that spans many different methods – depending on which parts of the feature-set is used.

ZafePass can in many cases be a complete replacement for VPN, but will work absolutely fine in parallel as well.

ZafePass is a VPC, SD-WAN, SASE and SDP platform, which also integrates IAM, PAM and a very advanced and flexible MFA policy engine, granting or revoking access privileges to individual remote systems based not only on the user, but also other properties such as network location, equipment used, Operating System and version, time windows and even service packs or patches installed.

Additionally, unlike most if not all other access platforms, ZafePass includes an advanced deployment engine, for remotely pushing and deploying pre-packaged software to the user, delivered if the user needs it for accessing a specific remote system. For example, the user should have access to a mainframe, to access the user needs a 3270 Terminal Emulation program, ZafePass can automatically download, install and configure the application for the user, to create a consistent and completely smooth user experience.

ZafePass can even remove everything when the user is done, as it was never there.

This does not only save on system engineers or support staff, it can certainly also save on licenses, since only those users who need it will get the application and since it’s deployed on the fly, there is no need to include it in the standard workstation image and pay licenses for potentially hundreds or thousands of workstation installations where it will never be used.

…and there is no update challenges either, since the software is always deployed from a central repository, so it only needs one update..