Leostream developed federated identity management with Zero-Trust Network Access, built to protect and connect users, data and applications across AWS virtual desktop infrastructure.
Leostream developed federated identity management with Zero-Trust Network Access (ZTNA) for secure remote computing. Built to protect and connect users across virtual desktop infrastructure (VDI), desktops-as-a-service (DaaS), and end-user computing (EUC) applications in Amazon Web Services (AWS) environments, the Leostream ZTNA-enabled Remote Desktop Access Platform addresses challenges associated with remote workforces.
These challenges include the cost of locating desktops in the cloud, as well as support for connecting users, identity management, on-premises trust brokering and access control. Leostream is able to mix and manage on-premises and cloud-based hosting platforms, and is itself downloadable software, not a SaaS product.
Leostream's new Zero-Trust approach aims to enhance the security and management of EUC workloads in AWS through the use of strict authentication and automated least-privilege access – that is, only giving users access to the specific data and compute resources needed for their role – to keep data protected inside the corporate network. It works across on-premises and cloud environments to maintain the same levels of security and command over authorization, control and access tracking, at all locations.
"Efforts to modernize the workplace and support remote or hybrid workforces can create security gaps," said Leostream CEO Karen Gondoly. "AWS enables large user pools and diverse workloads, but with Leostream as the gatekeeper, organisations can still enforce strict authentication to lock down environments while ensuring employees maintain access to the appropriate resources and the performance they need."
Authentication, Connections and Tracking
Leostream’s priorities are always user authentication, user connections, and access tracking. Focussed on AWS, the features of the ZTNA platform include updated authentication identifiers and authorisation tools, and allow administrators to monitor unusual activity and workload trends.
Leostream's software Connection Broker for authentication looks after the management of security groups automatically. All IT resources can be managed within a single UI including desktop provisioning, user role assignments and scheduled power on and off times. It gives end-users a consistent login and high-performance connection across hybrid environments, including corporate resources located off the internet, from any location.
The Leostream Gateway establishes remote access to Leostream environments without VPNs, which can be expensive and complicated. It has a built-in HTML5-based RDP (Remote Desktop Protocol), VNC (Virtual Network Computing) and SSH (Secure Shell) client to set up in-browser connections to desktops managed by the Leostream Connection Broker. The Leostream Gateway supports in-browser connections using third-party RDPs as well, such as NoMachine, NICE DCV and Scyld Cloud Workstation, using their own HTML5 viewers. HTML5 viewers allow users to connect to their desktop from any client device, without requiring extra software to be installed.
Visibility and Tracking
Giving employees access to AWS resources through Leostream not only avoids exposing data on end-user devices, but its single-view administration console also simplifies the management of users, cloud desktops and IT assets, with real-time visibility into what resources users and devices are accessing on the network, as part of making informed decisions.
This tracking ability can also minimise the risk of cloud instances being breached when not in use – the platform's cloud orchestration tools launch, terminate and power instances in the cloud automatically, based on user activity. www.leostream.com