NSPA product solutions
NSPA
NSPA (Nikawal Secure Private Access) is a zero trust (ZTNA) solution based on SASE (Secure Access Service Edge) as the security framework, helping businesses better safeguard their network security. Through NSPA, enterprises can securely connect their members to their applications, better protecting their applications. NSPA is a cloud native service that delivers at the minute level and can replace traditional VPNs.
Product value
Replacing traditional VPNs and firewalls:
Users directly connect to the application instead of the network, minimizing the attack surface and eliminating attacks on applications in the network through the network.
Prevent harmful behavior from users:
Reduce potential harmful behaviors from users through context analysis, risk detection, and threat isolation.
Satisfy diversified remote access:
Support remote users, headquarters, branch offices, and third-party partners to access internal applications.
Reduce Total Cost of Ownership (TCO):
Through a unified platform, secure and reliable networks can be provided for users, devices, third parties, and more without the need to purchase various products.
Product components
user terminal
User terminals are the main body accessing applications, including mobile and computer users.
Cloud network
Cloud networks are deployed in the cloud, providing network communication connections, network security, and other functions for IDC data centers, enterprise data centers, and more.
Application terminal
Connect enterprise protected applications securely to the cloud network. It supports both hardware delivery and software delivery.
Network plugin
Users can access applications through user terminals or plugins, and applications can connect to cloud networks through application terminals or plugins.
Management Platform
Manage and configure all users/user terminals/application terminals of the enterprise on the management platform; Manage and configure policies for accessing applications; Real time insight into the current user's behavior when accessing the application.
Product features
Provides zero trust network security features to ensure application security, regardless of how users access the application. NSPA provides precise flow logs of user access to applications, providing insight into network behavior; Hide applications to reduce their vulnerability to attacks; A dynamic fine-grained access strategy that minimizes the application that flexible authorized members are allowed to access.
Based on identity
Provide identity based application access, with user terminals providing unique network identity information to access applications
Stream log
Provide flow logging function to record the access and response traffic of customer terminals, helping enterprises monitor member access to application behavior
shunt
According to the management platform configuration, application traffic is sent to the cloud network, and for non application traffic, customer terminals directly access it
DNS service
Customer terminals support DNS services, quickly respond to layer 7 requests from customer terminals, and reduce the latency of customer terminal access to applications
Hide apps
The application does not need to provide services to all external visitors, but only allows the application terminal to access the application
Application network environment loose coupling
Protecting enterprise applications and loosely coupling them with the network environment where the enterprise applications are located
Application Health Check
Supports health check function, can periodically send detection messages to check application connectivity
Dynamic strategy
Support dynamic strategies, which can dynamically adjust member access to application policies in real-time based on the situation
Diversified situation
Supporting diversified scenarios, targeting member access to applications, supported scenarios include systems used by customer terminals, etc
Cloud network
By using cloud native technology, we provide highly reliable connections to customer terminals and applications, providing zero trust network security for enterprises
Product advantages
Based on identity
Traditional VPNs access applications by connecting them to the network, and as long as they enter the network, they can access any application in the network. If traditional VPNs need to distinguish visitors, they mainly allocate IP addresses and then assign different firewall rules for different IPs. The identity based approach, coupled with network decoupling, allows for more flexible configuration of rules, especially in complex network environments.
Secure Connection
Applications do not need to open ports for visitors, accept requests, or perform complex configurations. Applications only need to allow access from application terminals and enhance application security through application hiding. Both the application terminal and the client terminal are connected through TLS encryption and cloud network security to ensure communication data security.
reliability
A cloud network that connects user terminals and application terminals, using cloud native technology for highly reliable distributed deployment in public cloud, private cloud, computer room, and other environments. Simultaneously supporting the deployment of multiple application terminals to achieve high reliability in both cloud networks and applications.
flexibility
Enterprise self-service adds and modifies applications through the platform, adds and adjusts enterprise members, and flexibly adjusts strategies based on the situation to ensure the security of enterprise applications.
Unified control
Through NSPA, enterprises can unify the management of all applications and configure the access permissions and policies of all members of the enterprise to access the applications. No matter how complex the network environment where the application is located, simple configuration can protect the security of enterprise networks and applications. NSPA also provides powerful statistical and monitoring functions to gain a global understanding of real-time and historical data of enterprise members and applications.