Time to Retire VPN – Users deserve better! | HCLTech

Time to Retire VPN – Users deserve better!

January 10, 2023
Ankit Burman


Ankit Burman
Area sales director
January 10, 2023

Most organizations use a VPN service, even though majority of them are aware it’s a target for cybercriminals. Virtual private network (VPN) was developed over 30 years ago and they are no longer useful with today’s modern workforce who work from anywhere. The flawed security design delivers a poor user experience. Few aspects of a poorly driven user experience are below:

  • High latency, limited scale, and poor experience
  • Repetitive logins and dropped connections every time there is a change in network or inactivity from the user
  • Confusion on when to use or not to use VPN

With both internal and external treats continuing to grow at a lightning speed, the traditional security methods of trust and verify are no longer valid. This change has pushed organizations to revisit their security postures and make a fundamental shift in approach as to how the users get access to the applications whether on cloud or data center.

Threats both internal and external continue to grow at lightning speed, traditional security methods of trust and verify are no longer a valid approach.

With the introduction of HCLTech’s offering around Zscaler’s Private Access, companies can now provide seamless, zero-trust access to private applications running on a public cloud or within the data center. Applications are never exposed to the internet, making them completely invisible to unauthorized users. The service enables the applications to connect to users via inside-out connectivity versus extending the network to them. Users have never been placed on the network thus no access to infiltrators and no lateral threat.

So why Zscaler ZPA?

  • ZPA improves your security posture even as you provide seamless access – The paramount feature of ZPA solution is security, Zscaler Private Access abstracts the asset from the network, it not only ensures seamless access regardless of physical location, but it also dramatically increases your overall security posture by effectively making your most sensitive material invisible. Any attempt to route back to the application/asset meets a dead end
  • ZPA connects by application, not by IP address – VPNs were designed to give access to a network not to an application, once on the network the malware can propagate, and it could affect the user and also the entire network. On the contrary ZPA connects users to applications hence granting no access to network and eliminating any threats.
  • ZPA eliminates the cost of VPNs and associated equipment - As part of their global, cloud based security platform, Zscaler maintains all hardware and software, which frees both your IT staff and your budget and enables deployment in a matter of hours. Even better, Zscaler Private Access is deployed via the same Zscaler App you use to access our cloud security platform, which greatly reduces your “client sprawl” by delivering a single app that provisions Zscaler Remote Access, Secure Web Gateway, Data Loss Prevention, Cloud Sandboxing, Cloud Firewall, and more.
  • ZPA takes your applications from “on-net” to “dark-net” at the same time YOU get complete visibility - Zscaler Private Access renders your applications invisible to all but authorized users, and uncountable to anyone. But because the solution works at the application layer, they also deliver a level of disability to you that has never before been possible. Some of the customers have found almost ten times as many applications in use as they had expected. Once you know what applications are running, you can easily create granular access rules for them.
  • ZPA gives contractors, partners, or other companies exactly the access they should have - Providing internal application access to third parties has always been risky—as proven by several recent security breaches. With Zscaler Private Access, there is no need to worry. You can provision granular application access without opening your entire network to anyone. Now contractors can see the single app that they require and nothing else. In the case of a merger or acquisition, you can provision app access without worrying about overlapping private IP space, complicated NAT rules, or endless access control lists.

Customer success stories

A US-based financial services company with more than 65000 users engaged in regular mergers and acquisitions to strengthen their portfolio was facing tremendous challenges in integrating the networks of the acquired companies. The traditional methodology to converge IT and network was time-consuming and complicated. With HCLTech as their consultants, we introduced the ZPA solution to the customer and did an architecture workshop for a small set of users. We demonstrated accelerated access for users to key applications without the complexity of dependencies on gaining network access. The users reported seamless access to the applications without any latency and connection drops/interruptions.  Subsequently, HCLTech did the entire architecture design, deployed the solution, and now manage the operations support for all the 65000+ users. The company received tremendous business value and savings up to 200% which they would incur on their legacy VPN solution. They will either buy new assets or refresh the outdated ones and manage their year over year post deploying the Zscaler ZPA solution in conjunction with HCLTech.

With the onset of Covid-19 and users requiring remote access from anywhere, one of the leading oil and gas company headquartered in the US were having dominant challenges with their existing legacy VPN system. This expanded the attack surface with change in the working model for both internal and third-party users. In an effort to secure work from anywhere, reduce attack surface, and secure third-party access, HCLTech did a workshop on how does ZPA work in achieving all the required security and access controls for the user group. The success of the workshop led the customer to deploy ZPA across its organization, with HCLTech deploying the solution in a short turn-around time and then going on managed the day-to-day operations for them. This quickly gave the users access to applications at a much faster pace and seamless connectivity so that they can work from anywhere. Significant cost savings were also witnessed once the transition was done.

How can HCLTech help?

With over 600+ certified Zscaler resources trained on the product lines, we have a strong bench to do a complete assessment of your security parameters. We can suggest the best-in-class solutions to overcome any threats which may occur with being on the older legacy VPN systems.

Contact us to know how you can leverage our expertise to replace your legacy VPN systems with a cloud-based security solution which provides a seamless user experience, eliminates threat surface, saves cost, and helps in accelerating mergers and acquisitions.

Get HCLTech Insights and Updates delivered to your inbox

Share On