Access Proxy
Access proxies are essential components of TRASAGATE's zero trust access architecture. They serve as secure gateways between users and the protected services they need to access, enforcing granular access control policies and providing full visibility into application-layer traffic.
The Role of Access Proxies in Zero Trust
In a traditional network security model, once a user gains access to the network, they often have broad access to resources within that network. This approach can lead to increased risk of unauthorized access and data breaches.
TRASAGATE's zero trust access model, powered by access proxies, operates on the principle of "never trust, always verify." Instead of granting implicit trust based on network location, access proxies authenticate and authorize every access request, ensuring that users can only access the specific resources they are permitted to use.
By sitting between users and protected services, access proxies provide several key benefits:
- Granular Access Control: Access proxies enforce fine-grained access control policies based on user identity, device posture, location, and other contextual factors. This ensures that access is granted based on the principle of least privilege.
- Full Visibility: Operating at the application layer (Layer 7 of the OSI model), access proxies provide full visibility into the traffic between users and protected services. This visibility is crucial for auditing, compliance, and incident response.
- Secure Communication: Access proxies encrypt all traffic between users and protected services, ensuring the confidentiality and integrity of sensitive data in transit.
- Centralized Policy Enforcement: By serving as a central point of policy enforcement, access proxies simplify the management and consistency of access control policies across diverse services and environments.
Supported Protocols
TRASAGATE's access proxies currently support four types of protocols:
- HTTPS: Secure web-based access to applications and services.
- SSH: Secure shell access for remote server administration and file transfers.
- RDP: Remote desktop protocol for secure remote access to Windows servers and desktops.
- Database (beta, MySQL only): Secure access to MySQL databases.
Configuring Network Security
To ensure that access to protected services is only possible through TRASAGATE's access proxies, it is crucial to configure your network security controls, such as firewalls, to restrict direct access to these services.
By forcing traffic to flow through the access proxies, you maintain a strong security posture and ensure that all access requests are subject to TRASAGATE's zero trust policies.
For more information on configuring firewall rules to enforce access through TRASAGATE, please refer to the configuring firewall rules documentation.
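One way to check this restriction on a protected host, as an added example that is not part of TRASAGATE's documentation: the script audits iptables -S INPUT output and reports every rule that lets a protected port be reached from anywhere other than the access proxy. The proxy address 192.0.2.10, the sample ruleset, and the assumption that the four supported protocols listen on their default ports are all constructed for illustration.

```python
import ipaddress
import shlex

# Assumption: the access proxy's address (constructed, documentation range).
PROXY_NET = ipaddress.ip_network("192.0.2.10/32")
# Default TCP ports of the four protocols listed under Supported Protocols.
PROTECTED_PORTS = {443: "HTTPS", 22: "SSH", 3389: "RDP", 3306: "MySQL"}

# Constructed `iptables -S INPUT` output from a host behind the proxy.
SAMPLE_RULES = """\
-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 10.0.0.0/8 -p tcp -m tcp --dport 3389 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
"""

def port_matches(spec, port):
    """True if an iptables --dport value ("22" or "1000:2000") covers port."""
    lo, _, hi = spec.partition(":")
    return int(lo) <= port <= int(hi or lo)

def audit(rules_text, proxy_net=PROXY_NET):
    """Return (port, reason) findings for paths that bypass the proxy.
    Negated matches ("!") and -m multiport are not interpreted."""
    findings = []
    lines = rules_text.splitlines()
    if "-P INPUT DROP" not in lines:
        findings.append(("*", "default policy for INPUT is not DROP"))
    for line in lines:
        tok = shlex.split(line)
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                if tok[i].startswith("-")}
        if opts.get("-j") != "ACCEPT" or opts.get("-p", "all") not in ("tcp", "all"):
            continue
        if "--ctstate" in opts and "NEW" not in opts["--ctstate"].split(","):
            continue  # only return traffic of established flows, no new sessions
        src = ipaddress.ip_network(opts.get("-s", "0.0.0.0/0"), strict=False)
        for port, name in PROTECTED_PORTS.items():
            if "--dport" in opts and not port_matches(opts["--dport"], port):
                continue
            if not src.subnet_of(proxy_net):
                findings.append((port, f"{name} reachable from {src}: {line}"))
    return findings

if __name__ == "__main__":
    for port, reason in audit(SAMPLE_RULES):
        print(port, reason)
```

On the sample ruleset this flags RDP (open to the whole 10.0.0.0/8 network) and MySQL (no source restriction), while HTTPS and SSH pass because only the proxy address is admitted.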
By leveraging TRASAGATE's access proxies and properly configuring network security controls, organizations can implement a robust zero trust access solution that enhances security, visibility, and control over access to critical services and resources.