Secure your network without a VPN
To manage and secure AWS cloud infrastructure, we place the application and database servers in a private subnet, and a VPN server (OpenVPN, Pritunl, etc.) is then needed to reach them for administrative work. The same holds for other cloud providers such as Google, Azure, etc.
When you manage multiple AWS accounts for your organization, configuring and maintaining a VPN for each account is a tedious job. With VPNs, gateways need to be deployed in every AWS account, and they are public and visible on the internet. As a result, the gateways are constantly probed by attackers.
With the right SDP (software-defined perimeter) solution, organizations can securely connect remote users, on-premises servers and multi-cloud environments, potentially at a fraction of the cost and security risk of the traditional approach.
Twingate eliminates public attack surfaces to create a secure network between users and private servers. With it, you can easily implement a zero trust network access (ZTNA) solution for your AWS cloud resources and applications.
Steps to configure and connect with Twingate
1. Define a Remote Network
You will create a new Remote Network in Twingate within which you will define Resources that users can be given access to.
2. Create and provision a new Connector
Twingate Connectors provide encrypted connectivity into a Remote Network, and can be deployed into a wide variety of environments. Start by deploying a Connector into your newly created Remote Network.
3. Access your protected Resources with the Twingate Client
With your Twingate network configured, the Twingate Client application allows you to connect to Resources you are authorized to access.
We have configured and connected two different AWS accounts and 3 VPCs with Twingate.
We have added 3 private servers as authorized resources in the two AWS accounts.
Once we deploy the connector on a public instance in the AWS cloud, the Twingate dashboard reflects the same public IP.
How Twingate works to connect remote resources
Once you install the Twingate agent on your local laptop, it creates a TAP network interface, which bridges your laptop to the Twingate network infrastructure.
You can see in the route table that the private resources are routed through the TAP network interface.
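The route-table check above can be automated so that a resource silently falling back to the default route is noticed. This is an added example, not code from the original post or from Twingate; it assumes Linux `ip route` output, and the interface name `tun-sdp0` and all addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ip route` output from a laptop. The tunnel interface
# name "tun-sdp0" and every address here are assumptions, not real values.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50
10.0.1.15 dev tun-sdp0 scope link
10.1.0.0/16 dev tun-sdp0 scope link
172.31.5.20 dev tun-sdp0 scope link
"""

def parse_routes(text):
    """Return a list of (network, interface) pairs from `ip route` output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue  # e.g. blackhole/unreachable routes carry no device
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # first field was a route type, not a destination
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def egress_interface(routes, host):
    """Longest-prefix match: the interface the kernel would pick for host."""
    addr = ipaddress.ip_address(host)
    matches = [(net.prefixlen, dev) for net, dev in routes if addr in net]
    return max(matches)[1] if matches else None

def audit(routes, resources, tunnel_dev):
    """Map each resource to (egress interface, goes_through_tunnel)."""
    report = {}
    for host in resources:
        dev = egress_interface(routes, host)
        report[host] = (dev, dev == tunnel_dev)
    return report

if __name__ == "__main__":
    routes = parse_routes(SAMPLE_ROUTES)
    resources = ["10.0.1.15", "10.1.4.7", "10.2.0.9"]
    for host, (dev, ok) in audit(routes, resources, "tun-sdp0").items():
        print(f"{host:12} via {str(dev):10} {'OK' if ok else 'NOT via tunnel'}")
```

A resource reported as "NOT via tunnel" would leave through the normal default gateway, which usually means it is not defined as a Resource or the client is not connected.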
You can also see a Twingate icon on the right side of the taskbar, which shows the list of authorized resources/servers.
You can check connectivity to the servers by using telnet to the port.
Device Security
It adds an extra level of security by allowing only devices with specific trusted profiles to access sensitive resources. Devices must meet the minimum OS requirements or have a Trusted Profile to join your network; for example, antivirus must be present and screen lock must be enabled.
The product is available in AWS Marketplace. It may be a little costly for a startup, but organizations that want to simplify, standardize, and secure processes will want to use Twingate or a similar SDP product.
That's all for now; I will come back later with more advanced features of Twingate.