As we work with organizations helping them modernize and secure their remote access infrastructure, we’ve consistently seen that one of the larger stumbling blocks to making deployment progress is an accurate inventory of what services are currently in use. This holds especially true for IaaS-based services, as they are often outside of IT and Security’s purview. If you think about it, it’s kind of like painting the Golden Gate Bridge. As soon as you’re done, it’s out of date and you need to start over.
With that in mind, we’re excited to announce Discover and Publish, a streamlined way to secure access to hybrid and multi-cloud infrastructure. Banyan Security is providing customers with the following benefits:
- Improved time to value – we provide a quick and effective way to create least-privileged access to your infrastructure and services.
- Scalable IaaS access management – we provide a modern, consistent way to manage access to IaaS workloads across any cloud.
Let’s dive in!
Resources are everywhere
The number of options for deploying computing workloads has grown tremendously in the past decade. Most enterprise organizations will likely have a combination of workloads across on-premises, colocation, edge, and cloud. However, many CIOs are now shifting towards a “cloud-everywhere” mentality where the number of cloud workloads continues to rise and multi-cloud adoption is widely accepted.
Cybersecurity professionals face challenges managing secure, least-privileged access to infrastructure across different IaaS providers. Usually this consists of a hodge-podge of VPNs, bastion hosts, and custom tooling. Banyan’s zero trust access solution helps resolve these challenges for organizations embracing multi-cloud and the “cloud everywhere” mentality.
Discover and Publish for IaaS providers
For cloud resource discovery, Banyan integrates with major IaaS providers including AWS, Azure, Google Cloud, and Oracle Cloud to automatically detect when new infrastructure is created.
The discovered inventory section of the command center is populated with key IP and/or domain information about the cloud resource and the IaaS provider it was sourced from. Our cloud resource discovery process runs at regular intervals to ensure the inventory table is always up to date and can even perform granular syncing of resource types, tags, or labels.
For example, admins can automatically sync AWS EC2 instances that have a tag of ‘banyan:discovery’.
Within the cloud resource, an admin can go through a simple publish flow that will create a Banyan-secured hosted website or infrastructure service in seconds. The IP, DNS, and port information are automatically populated, creating a strong link between the cloud resource and the published Banyan service.
A consistent approach to IaaS secure remote access
We’re strong believers in the BeyondCorp approach towards zero trust security but we realize that moving from legacy VPNs and bastion hosts to granular, least-privileged access can be difficult. Banyan, however, provides a consistent way to manage secure remote access, regardless of the application and where it is hosted.
Typically, one of the first steps towards zero trust is understanding the security posture of your users and devices. Once that is complete, discover and publish provides a way for organizations to understand their multi-cloud resources, create Banyan services to secure the infrastructure, and fine-tune the policies for least-privileged access.
End users benefit from this consistent approach in the form of a unified Service Catalog. The days of having to remember how to access websites or infrastructure depending on which cloud it is hosted on are now done. Banyan improves productivity across your organization.
Getting started with IaaS Discover and Publish today
All of the functionality discussed above is immediately available and is included in Banyan Security’s Enterprise edition!
For details on how to set up discover and publish for your IaaS provider(s), see our docs.