Ericom Application Isolator separates corporate apps from unauthorized users to prevent ransomware

Ericom Software announced the introduction of Ericom Application Isolator, a new solution that integrates with existing remote access VPNs and Next Generation Firewalls to secure corporate applications and data from the security risks associated with excessive access rights inside a network.

Ericom Application Isolator addresses the security risks created by the broad access rights granted to users and devices on corporate networks, which create an environment hackers or malicious insiders can easily exploit.

Extensive permissions unnecessarily expose applications and other resources to threats, enabling lateral spread of malware and attacks inside the network. The solution prevents attacks by limiting remote and internal application access to only what is typically required.

It cloaks applications from unauthorized users, stopping the spread of threats by making them invisible to would-be attackers.

“We all realize networks face elevated security risk, especially now that organizations have doubled-down on VPNs to connect their newly-remote workforces to the apps and data they need,” said David Canellos, Ericom Software Chief Executive Officer.

“The increase in remote workers as a result of COVID-19 has created a surge in cybercrime, driving organizations to look for cost-effective ways to add Zero Trust security to their existing environments, and Ericom Application Isolator offers a simple way to quickly bolster their defenses.”

Ericom Application Isolator delivers key Zero Trust Network Access (ZTNA) controls that make applications and resources invisible to hackers if they manage to somehow penetrate a network, preventing lateral movement attacks. It also limits access for authenticated users to only the specific applications they need, thereby reducing the risk of insider-attacks.

The lightweight software seamlessly integrates with existing VPN and NGFW infrastructures, and leverages patent-pending advanced machine-learning capabilities to simplify deployment and use.

When used with other integrated security controls, including Ericom Shield Remote Browser Isolation, Ericom Application Isolator supports organizations adopting a Secure Access Service Edge (SASE) security framework.

“To support work-from-home initiatives resulting from COVID-19, many businesses scaled up their investment in VPNs and NGFWs to connect their newly distributed workforce to corporate applications and IT resources. With these initial priorities now addressed, organizations should re-examine their network defenses to ensure that effective security protections are in place, including zero-trust capabilities,” said John Grady Analyst at Enterprise Strategy Group (ESG).

“Ericom Application Isolator is a streamlined, cost-effective way to add important zero-trust security controls to existing VPNs and firewalls, protecting organizations from lateral movement attacks that result in ransomware spread, data loss, and significant business disruption.”

New solution capabilities

Application/resource cloaking – makes corporate applications and resources invisible to users without proper permissions. Users connect to the network as usual, either while at the office or remotely using their VPN client, and Ericom Application Isolator enforces least-privileged access policies. Authenticated users with valid permissions have no change in their user experience.

Automatic access policy creation – simplifies the process of establishing per-user remote (North-South) and internal (East-West) secure access policies. The solution’s patent-pending Auto-Policy Manager automatically generates per-user (or group) access policies based on network traffic analysis over a configurable time period. Manual adjustments can be applied as needed to quickly define and deploy least-privileged access policies for the entire organization.

Integrations with leading VPNs and NGFWs – leverages an organization’s existing investments in VPNs and NGFWs to accelerate their move to Zero Trust Security. The solution can be deployed quickly, does not require any new agents to be installed, and operates with the gateways and VPN clients of leading vendors, including Check Point, Forcepoint, Fortinet, OpenVPN, and more. The software also integrates with Microsoft Active Directory to authenticate and authorize users while they are in corporate offices accessing internal resources.

Activity reporting and monitoring – gives IT professionals visibility into application and resource access and use. It allows for policy verification and ongoing learning and adjustment of policies based on observed usage patterns and can be used to meet internal compliance and audit requirements.

“Ericom Application Isolator has added an important set of capabilities to our remote access security approach,” said Joe Morin, CEO of Cyflare.

“The solution was plug and play with our existing VPN infrastructure, required no endpoint agent, and provided an automated process to create our least-privileged access policies. I highly recommend it for organizations looking for a quick and efficient way to add zero trust network access capabilities to their environments.”