Source URL: https://aws.amazon.com/blogs/aws/aws-verified-access-now-supports-secure-access-to-resources-over-non-https-protocols/
Source: AWS News Blog
Title: AWS Verified Access now supports secure access to resources over non-HTTP(S) protocols (in preview)
Feedly Summary: AWS Verified Access extends its secure, VPN-less access capabilities to non-HTTP(S) applications and resources, enabling zero trust access to corporate resources over protocols such as Secure Shell (SSH) and Remote Desktop Protocol (RDP).
AI Summary and Description: Yes
Summary: The text discusses AWS Verified Access, a solution that provides secure, VPN-less access to corporate applications, supporting non-HTTP(S) protocols like SSH and RDP. This innovation enhances security by enabling zero trust architectures, eliminating the risks associated with traditional VPNs, and offering simplified access management.
Detailed Description:
The text provides a comprehensive overview of AWS Verified Access and its significance in enhancing network security and access control for corporate applications. Key points include:
– **Purpose and Functionality**:
– AWS Verified Access allows secure access to corporate resources without the need for a traditional VPN.
– It enhances management of network access based on identity and device security rather than IP addresses.
– **Zero Trust Architecture**:
– The solution is aligned with zero trust principles, enabling organizations to implement uniform access policies.
– Verified Access reduces broad privilege risks associated with traditional VPNs, which often have limited granularity in access control.
– **Support for Various Protocols**:
– Capabilities for non-HTTP(S) applications are now included, allowing secure access over protocols such as SSH and RDP.
– This capability addresses the growing need for secure remote access to internal resources like databases and EC2 instances.
– **Operational Streamlining**:
– Verified Access automates DNS configuration for resources within defined IP ranges, simplifying setup and enhancing operational efficiency.
– It eliminates the need for separate VPNs or bastion hosts, which can introduce complexity and policy inconsistencies.
– **Access Management**:
– Provides real-time evaluation of access requests based on user identity and device security, enhancing security measures.
– Supports creating access policies that can be easily modified to control user access effectively.
– **User Experience**:
– End users can install a client application to securely connect to resources after authentication.
– The solution allows simplified connection management through standard protocols, improving user experience while maintaining high-security standards.
– **Availability and Pricing**:
– Verified Access is being previewed across various AWS regions, with a cost model based on active endpoints and connection counts.
– The first 100 connections monthly are free, promoting adoption and trial use.
In summary, AWS Verified Access represents a significant evolution in secure remote access solutions, aligning with modern security frameworks like zero trust and addressing the complexities of traditional VPNs. Security professionals in AI, cloud, and infrastructure should consider its implications for enhancing security while simplifying access management tasks.