Symantec Secure Access Cloud is a cloud-native Security-as-a-Service (SaaS) solution that allows businesses a more granular level of control over who gets access to which corporate resources. In addition to being more granular, the process of filtering out access to these assets should also be made more secure with Symantec. This is where Symantec (or Broadcom) puts its trust into the Zero Trust Access model and the effective cloaking of essential business resources.
With this approach, it hopes to get the traditional Virtual Private Networks (VPNs) out of the picture as the mainstay of remote access management.
So, trust no one, minimize the network threat areas, outcompete the VPNs, and do not rely on a third party for connectivity.
Is it enough? Let’s see what’s cooking under the hood.
Symantec Secure Access Cloud security features
Symantec Secure Access Cloud delivers an array of security features that work in unison with a single goal in mind: allowing users to safely connect to business applications in the public cloud or on-premises. This is to be done regardless of the location of a user or the type of device in use while involving no intermediaries or agents in the process.
To achieve this, Symantec Secure Access Cloud gives you a software-defined perimeter (SDP) in which you can integrate your security and IT operations by fine-tuning the access authorization policies for both behind a single pane of glass. This means that you can integrate Symantec Secure Access Cloud with whatever points of control you have in order to turn it into a full-blown Zero Trust Access solution.
Validation and authentication of users are done prior to granting them access to your assets. This involves two more actions on the solution’s part – checking the posture of the device involved and authorizing the application in question.
Cloaking is yet another important security feature for Symantec Secure Access Cloud. It prevents the exposure of your network and associated assets to any third party deemed unauthorized by the system.
Two additional pillars of the access management model used here are the principle of the least privilege paired with managing all types of access based on identities. In the case of the least-privileged access, access management is done at the level of application, with no privileges granted beyond it considered relevant. Also, identity-managed access is enforced in all situations, no matter the type of resource of a geographical location of your site.
Symantec Secure Access Cloud features a range of management tools to make your time with a solution as easy as possible. First, the system will perform a constant verification of each action taken by the user demanding access and log it for easy governing and auditing. This, for instance, includes checking URI identifiers as part of HTTPS requests as well as other parameters.
All of this creates a comprehensive audit trail of all user activities at the application level, including the RDP actions, accessed URLs, etc. Associated audit logs will be of great use to you for meeting compliance demands.
Symantec Secure Cloud employs a ticket-based access management system that can be easily linked with any existing ticketing or communication system at a company level. The same goes for the integration with popular applications such Slack and Office 365, or security features such as SIEM, multi-factor authentication, and IdP.
The deployment of Secure Cloud is really fast, which is clearly a plus. You can deploy it as part of Google Cloud Platform, Amazon Web Services (AWS), private cloud, or Azure.
Symantec Secure Access Cloud interface
Upon logging in, you will be presented with an eye-pleasing and clean interface with an array of functional tabs, including applications, policies, logs, sites, and, of course, a dashboard. Under “logs”, you can check dates, applications, and entities that were involved in an event type, such as access permission. Together with the description of a specific event, you will also get to see its final result.
The dashboard section will show you all the activities relevant to the Symantec Secure Access Cloud, including the number of active users and active applications, the health of the sites, and the applications (how many of them are online or offline at the moment).
Next, the Sites tab demonstrates what goes on with a particular site. This includes the name of the site, as well as the name, type, and status of each connector. This is followed by the dedicated sections for a proxy server, persistent volume name, and notifications.
From the Policies tab, you can review and redefine policies that govern access for web, SSH, RDP, TCP, and web activity. If you want to introduce a new policy, you’ll have to name it and provide information on the applications and entities involved.
Everything is really simple, which is not a surprise, considering that Symantec aims to supplant the increasingly complex VPN solutions. Compared with its VPN competitors, Secure Access Cloud clearly gets to take the prize home in the accessibility segment.
Now, this is where Symantec gets to be less than stellar. The provider is notoriously silent on the price of its service, requiring you to go through a menu dedicated to “finding a partner and distributors”. This means getting in touch with authorized distributors and partners of Broadcom in your region or country, which can be a chore if all you want is a quick price overview.
So, no transparency, free trials, or freemiums. To get your hands on this one, you’ll have to go the hard way of consultations, provided that you are not stopped in your tracks by the menu in question.
Make no mistake, Symantec Secure Access Cloud hits all the right buttons for diverse user profiles, ranging from technological whiz-kids to laymen. Its package of security features is rock solid for this type of product, and it’s equally important that you can actually access them without having to comb through thick manuals. While having to divine the price for the service on offer leaves us with a slightly sour taste in the mouth, this one will surely give any business VPN you may use a run for its money.