ThreatLocker has added a network access control component to its zero-trust security platform for MSPs.
The company announced the new product during its 2022 Zero Trust World event, which is taking place through Wednesday in Orlando.
Currently in public beta, with full-scale release tentatively expected to follow next month, ThreatLocker Network Access Control (NAC) adds protection from risky devices to an integrated family of products previously focused chiefly on software.
“Up until recently, we focused primarily on applications,” says Danny Jenkins, ThreatLocker’s CEO. “We wanted to extend that kind of framework into network access control.”
Doing so is difficult, however, he continues, because devices can’t be “whitelisted” for approved access in advance as easily as applications. “Networks run on IP addresses. You can’t take that away,” Jenkins notes. “The problem is your IP address changes all the time.”
VPN, the most widely used network access security tool at present, Jenkins adds, has problems of its own. “VPNs are slow and cumbersome and difficult, and they mean all of your internet traffic is routed through a central point,” he says. “If you’re in California and you want to connect to a service in Washington State and your VPN is in Florida, that causes massive amounts of problems.”
ThreatLocker NAC uses authentication keys generated by locally installed agents to provide short-term network access to trusted devices, in real time and without help from VPN connections.
“It works seamlessly with the Windows firewall,” Jenkins says. “It essentially bypasses the Windows firewall and then turns it back on.”
The new service shares a common multi-tenant management interface with ThreatLocker’s other solutions as well. “They can see all of their agents,” says Jenkins of MSP users. “They can see all of their firewall policies on all of their endpoints worldwide.” They can also revise those policies globally across all accounts at once, or customize them for specific clients.
Citing products from Zscaler as an example, Jenkins says that other solutions with similar capabilities are oriented toward enterprise IT departments and comparatively expensive. “You’re talking about thousands of dollars.”
Deploying ThreatLocker NAC saves money on VPN services as well, Jenkins adds. “You’re going to be able to remove VPN access, because you don’t need to worry about that anymore.”
ThreatLocker NAC is the latest addition a product set that includes tools for application whitelisting, limiting application privileges, and providing secure access to files and storage devices. A fourth component that lets organizations set and enforce access privilege elevation limits on a person-by-person basis arrived in January of last year.
Together with the new network access control system, those are designed to form an integrated zero-trust security platform. ThreatLocker charges users a flat fee for use of that platform, plus smaller incremental fees for each platform component they deploy.
The company declined to specify pricing on the new offering to avoid disclosing that information to end users, who could use it to dispute price increases.
According to Jenkins, businesses with remote and mobile employees can no longer depend on traditional technologies like firewalls to keep networks safe. “The perimeter was already dying in 2019,” he observes. “Now of course, with a big jump in people working from home, traveling a lot more, and not having a static IP addresses, it’s gotten even more tricky.”
Zero-touch strategies have attracted widespread interest in response to that challenge, though not yet widespread deployment. Indeed, while fully 99% of respondents to a recent survey conducted by Dimensional Research on behalf of security vendor One Identity called zero trust important to their organization’s security posture, a mere 14% have implemented a zero-trust strategy.
Though ThreatLocker currently has roughly 3,000 partners, Jenkins too has seen awareness of zero trust significantly outpace actual deployments to date, especially among MSPs. He expects that change to significantly over the course of the current decade, however.
“It’s going to become as common as antivirus in five years’ time,” Jenkins predicts.
Fortinet, Trend Micro, and VMware are among many other vendors with zero-trust network access solutions. Sophos introduced one in January as well.