Case Study – ZTNA Acceleration

ZTNA Acceleration for AppGate SDP

CXIT
Rudio

The Challenge

Rudio, a managed IT provider with a focus on security and a partner of Replify, came to us with a customer of theirs who was having performance issues and needed a solution that was compatible with their Zero Trust Network Access (ZTNA) platform. In this case, the customer had deployed the AppGate SDP (Software Defined Perimeter) solution. Rudio, working together with CXIT, needed a solution for the customer to make their remote desktop experience work for them.

The end customer is a well-established and leading supplier of engine tooling equipment, with hundreds of employees across sites located all over the world. Some of their employees in Singapore were finding it frustrating using head office resources. One of the problems was that it was taking a long time to save documents to file shares located in the US. These operations over such long distances are prone to latency-related slowdowns. Also, an application they depended on required access over Remote Desktop (RDP) and was very sluggish – almost unusable.

With ZTNA, crucially, the client often doesn’t even know or see the IP of the service they’re connecting to, as they connect through a secure proxy (also known as a ZTNA gateway) often within the ZTNA vendor’s network.

When data is funnelled through a gateway, the location of the gateway becomes a key part of speed and responsiveness of the application or service. Extra hops between the client and the application, can have a detrimental effect for at least some, if not all of the service users. Some users who move out of an office, for example, to work from home, might find they have a poorer experience.

Security was of prime importance to the organisation, but they were keen that it didn’t have a detrimental effect on employees’ day-to-day interaction with key services. They had deployed Appgate SDP, and required an optimization solution that would work transparently alongside the ZTNA solution.

What is Zero Trust?

Zero Trust is a paradigm for network and IT organisational security that has been receiving greater attention due to the evolving nature and severity of cyberattacks, particularly ransomware. This view of networking security focuses on a specific individual’s needs for access to services. This differs from the traditional view, which connected authenticated users to networks using a VPN. The problem with that that traditional view is that it enables horizontal movement around the network, potentially allowing people far greater access to servers than they need.

What is Zero Trust Network Access?

Zero Trust Network Access aims to modernise access to services by allowing them to connect on a service-by-service basis. This limits the attack surface greatly and is key for implementing one of the key tenets of Zero Trust – that of least privilege. The device’s ‘security posture’ is taken into account when granting access to a service and is often evaluated in real-time with metrics such as the client’s location, time of day, anti-virus version among others being evaluated.

The Solution

Replify’s heritage providing a complete software-based WAN optimization solution was key. With a focus on a software solution, Replify could provide their Accelerator Client, coupled with a Virtual Accelerator (VA).

Thanks to the Replify Client’s deployment simplicity, the accelerator client could quickly be deployed to the end-user devices. The Replify Accelerator Client was installed each user’s desktop alongside the Appgate SDP ZTNA client using a NinjaRMM script.

The next step was to place the Virtual Accelerator, that the clients must connect to, at the appropriate point in the network. In this case, a VA was installed in the same cloud platform as the Appgate ZTNA gateway, and some simple configuration was applied.

Now, when the users attempt to access their services, the Replify Intelligent Caching Engine applies multiple optimizations. These include caching, compression, application protocol optimization as well as TCP optimization. These all combine to not only greatly reduce the amount of data transmitted but also deliver that data more efficiently.

Replify ZTNA Acceleration with AppGate SDP

The Results – ‘You’ve added a jet engine’

The improvement was immediately noticeable with one user describing the change as “You’ve added a jet engine to this!”. Documents can be opened, modified and saved much more quickly and the RDP application is greatly more responsive than before. This eliminated the frustration experienced by the remote workers, while enabling them to be continually protected by the ZTNA solution as before.

Appgate provides a top-tier Zero-Trust environment for both internal and external users. Mixed with Replify, this gives the customer not only a secure access tunnel to their protected assets but also provides an accelerated connection that can work on top of the tunnel transparently.

Marty Godsey – Co-Founder & Principal Architect at Rudio

As well as speeding up the applications that users were having issues with, extra bandwidth was available for other types of traffic on the link, bringing a better experience for all users of the network.

Replify was delighted to partner with Rudio to supply its WAN Optimization technology to offer an accelerated connection for customers of Appgate’s ZTNA solution. Use cases for accelerating ZTNA are becoming increasingly common, and Replify’s software is an ideal fit for many ZTNA solutions.

Rozy Corry, Replify CEO