October 5th 2021, Ghent (Belgium), New York (USA) – With the release of Awingu 5.0 in October 2020 Awingu made its first steps as a Zero Trust security solution while staying loyal to its ‘simplicity’ strengths. COVID-19 triggered a massive increase in remote working, but unfortunately a lot of businesses resorted to less secure implementations based on VPN and publicly available RDP endpoints. With release 5.2, Awingu extends its Zero Trust perimeter with two new partnerships: OPSWAT and Idenprotect.

OPSWAT MetaAccess: endpoint compliance as a context

Awingu and OPSWAT enter into a technology partnership. Businesses can leverage the MetaAccess solution on top of Awingu to guarantee compliance of their end-points. Where Awingu as a default runs in the browser ‘on any device’, it is hard to restrict access to specific endpoints or the context of those endpoints. That is where partner solutions such as OPSWAT MetaAccess come into play.

MetaAccess is both a central admin platform (on-premise or in the cloud) and a local agent that can be installed on your endpoint (such as a Windows PC or an Apple Macbook). The local agent will for example measure:

    • Endpoint protection (e.g. anti-malware up to date and running)
    • OS compliance (e.g. OS version, missing patches, etc.)
    • Removable media (e.g. blocking the use of USB drives)

Businesses can choose their desired minimum level of security on the endpoint, and that can differ for BYOD (Bring Your Own Device) user groups compared to users with company owned and managed devices.

When configured with Awingu, MetaAccess will act as a security context for Awingu. More specifically, when users attempt a login via the browser, Awingu will await feedback from the OPSWAT MetaAccess service. Only when MetaAccess provides a positive assessment will the user be enabled to access Awingu via the browser. That also implies that users in this setup will not be able to access Awingu from endpoints that are not enabled with MetaAccess.

It is possible to use MetaAccess in combination with an external IdP such as Okta or Azure AD.

Awingu customers that wish to use it in combination with MetaAccess need Awingu 5.2 and require a specific configuration in the admin system settings – find out more in the Awingu Admin guide.

Already out-of-the-box, Awingu comes with a multitude of security and compliance capabilities such as MFA (Multi-Factor Authentication), SSL encryption, granular usage controls (such as copy-paste blocking) and context-awareness. OPSWAT MetaAccess is a nice addition for businesses that wish more control and compliance on the endpoints used.

IdenProtect: password-free authentication

Kill the password. No organization should rely on solely a login & password to authenticate into their IT assets. Not only are passwords a source of annoyance for end-users, they are often also a risk to get hacked (especially given many passwords are very simple to guess). For many years, Awingu has a well-adopted MFA (Multi-Factor Authentication) solution built-in as well as support for Radius-based services (and even DUO, SMS Passcode or Azure MFA). With Awingu 5.2, we extend the options with Idenprotect, a password-free authentication, single sign-on and access platform.

Users can enroll and install the Idenprotect app on their smart device, and simply and securely login to the Awingu workspace using biometric sensors on the smart device. As always, after authenticating users can log in through their browser from any device, anywhere.

Awingu customers can enable Idenprotect’s password-free service by leveraging the SSO (Single Sign-On capabilities) of Awingu. The setup is simple, as depicted in below diagram.

With the addition of IdenProtect’s Password-Free MFA service, the options for Awingu customers are as shown below.