Zero Trust Access for any user, from any device, and to any corporate resource

Secure Access Cloud

Leveraging Software Defined Perimeter technology, Symantec Secure Access Cloud delivers protection for the Cloud Generation. It cloaks all corporate resources on the network, fully isolating datacenters from the end-users and the internet. The network- level attack surface is entirely removed, leaving no room for lateral movement and network-based threats, unlike the broad network access legacy solutions such as VPNs and NGFWs.

Improve Security Posture with a Zero Trust Access Solution

Secure Access Cloud provides point-to-point connectivity at the application level, cloaking all resources from the end-user devices and the internet. The network-level attack surface is entirely removed, leaving no room for lateral movement and network-based threats. Its simple-to-set, fine-grained and easy-to-manage access and activity policies prevent unauthorized access to the corporate resources by implementing continuous, contextual (user, device and resource-based context) authorization to enterprise applications allowing secured employee, partners and BYOD access.

Helps protect your resources by removing direct network connectivity, and only allowing Zero Trust based access.

• Cloak corporate resources from the end users and the internet
• Allow only point-to-point application-level access
• Provide secure, restricted access to 3rd party users & BYOD access
• Continuously enforce contextual authorization based on user and device context
• Implement a least-privileged access model, conforming ZTX (Zero Trust Extended) and CARTA (Continuous Adaptive Risk and Trust Assessment) models

Reduce Complexity with an Agentless, Cloud-delivered Access Solution

Minimize deployment hassle and ongoing maintenance with Secure Access Cloud. There are no endpoint agents to install, appliances to deploy, or complex policies to manage. Delivered as-a-service, Secure Access Cloud dynamically scales up or down, for all of your users, applications, workloads and servers. Gain true elasticity in its computing resources while supporting the dynamic, distributed nature of your modern enterprise.

Replace your VPN with secure access that’s simple to deploy and easy to manage.

• Deploy in minutes with no agents or appliances required Reduce TCO by removing the need to manage legacy appliances and complex network-level policies
• Allow seamless user experience where users continue using their native tools
• Deploy in private cloud, AWS, Azure or Google Cloud Platform infrastructures
• Easily integrate with corporate IdP, multi-factor authentication, SIEM and other IT/Security components
• Demonstrate compliance with a globally distributed and certified service (SOC 2 Type II, ISO 27001, etc.)

Leverage the integrations with CloudSOC and DLP for unified data security

Symantec Secure Access Cloud’s seamless integration with Symantec DLP and CloudSOC extends security beyond access controls into data protection and threat protection across all locations: SaaS, PaaS, IaaS, on-prem, and self-hosted datacenters.

Enforce DLP policy on hosted, IaaS and on-premises corporate resources

This unique capability provides the customer with:

• One universal DLP policy, enforcing data access and governance controls across all vectors.
• One incident management pane for all corporate resource locations
• One unified security with centralized visibility and ease of deployment and use

Get greater visibility and control of user activity

Secure Access Cloud takes access policies further with activity monitoring and enforcement. The exact actions a specific user/group can perform in a specific application can be defined through its granular activity policies. Every user action performed at the application-level is monitored and logged – including URLs accessed and SSH commands executed.

Helps monitor and log all user actions and apply activity policies to restrict unauthorized or malicious operations.

All audit logs are tied to the individual user accounts and devices and can be exported to your SIEM to receive additional application level context.

• Monitor application-level user activity to detect advanced attacks or insider threats.
• Define granular application activity policies to restrict operations such as file downloads, uploads or specific SSH commands.
• Easily export the audit data to your SIEM for advanced analysis and detection.
• Improve compliance and DFIR capabilities with detailed logging and auditing

More secure access to your production, staging and development environments

By limiting network-level access and providing least-privilege, user and device-based access to production, staging and development environments, Secure Access Cloud lets DevOps securely manage their dynamic infrastructures while continuing to use their native tools. With Secure Access Cloud, DevOps can centrally manage SSH keys and monitor user’s sessions while allowing Just-in-Time and Just-Enough Access to the environments. Secure Access Cloud’s API-driven platform enables DevOps to easily integrate with CI/CD, Infrastructure-as-Code and other solutions.

Improve security while enhancing efficiency of DevOps and IT Security teams.

• Limit network access to production, in order to avoid malicious or accidental damage, without maintaining VPN agents or gateways
• Centrally manage sensitive keys in order to maintain key hygiene (regular rotation, encryption standards, users onboarding/offboarding, etc.) and quickly address compromise scenarios
• Provide DevOps with limited, authorized and audited access to dynamic environments, without the need to perform manual operations
• Enforce JIT and JEA to any resource without agents or appliances
• Natively integrate with public cloud platforms