Cisco AnyConnect: Secure Remote Access for the Long Haul

Most of us were caught off-guard by the COVID-19 crisis and the resulting social distancing requirements. As a result, many organizations had to make some hasty decisions about how to support an almost entirely remote workforce.

A third of IT security professionals say they were unprepared for the sudden transition, according to one new study. With only a few days to put a plan in place, most were forced to deploy a variety of off-the-shelf security solutions for remote employees accessing the corporate network with their personal devices.

While functional, these measures “threatened IT infrastructure, business continuity and information security,” according to the 2020 Remote Work-From-Home Cybersecurity Report from Cybersecurity Insiders and Pulse Secure.

Although offices are reopening around the country, 84 percent of those surveyed expect their companies will maintain some level of permanent remote work capabilities. Doing so will require a more comprehensive approach to secure remote access. Cisco AnyConnect is a great place to start.

A Comprehensive Solution

AnyConnect is a unified security endpoint agent that delivers multiple security capabilities to ensure secure access to the corporate network for any user from any device and any location. AnyConnect clients are available for a wide range of operating systems, allowing employees to continue to use the device of their choice.

AnyConnect can be implemented with either device-based agents or with a per-application VPN, which establishes connectivity at an application level instead of on a per-device basis. With a per-app VPN, you can configure business applications to establish a VPN connection when they are launched. This eliminates any potential connectivity issues with user-owned devices.

In addition to protecting corporate data, the per-app approach also safeguards remote users’ personal data and applications. Because only explicitly configured business applications can connect to the VPN, AnyConnect behaves almost like an application filter. Anything not configured for per-app access cannot be accessed.

Beyond the VPN

AnyConnect is more than VPN client, however. The integration of multiple security modules further enhances secure remote access. Other major features include:

  • Unified endpoint compliance: AnyConnect’s ISE Posture Module enables continuous automated posture checks and threat remediation across wired and wireless networks and VPN environments. It checks endpoint devices for operating system levels, antivirus and antimalware updates and other characteristics that affect the organization’s security and compliance posture.
  • Secure network access: The Network Access Manager module allows administrators to control the networks or resources with which endpoints can connect. It conforms to IEEE networking protocols for authentication, authorization and accounting, and enables high-speed data encryption with a variety of cryptographic algorithms.
  • Web security: AnyConnect allows organizations to implement robust web security using either the on-premises Cisco Web Security Appliance or the Cisco Cloud Web Security service. Both identify web-based threats, automatically blocking risky sites and testing unknown sites before allowing users to access them.
  • Network visibility: Administrators have the ability to identify which users and devices are accessing the network. They can also monitor endpoint application usage to uncover potential behavior anomalies and to make more-informed network design decisions.

 

Off-network protection. Integration with Cisco’s Umbrella Roaming cloud-delivered security service protects devices when they are off the corporate network. Whether users turn off the VPN or forget to turn it on, Umbrella Roaming enforces security at the DNS layer to protect against malware, phishing and command-and-control callbacks over any port or protocol.

Companies everywhere are contemplating a more permanent shift to remote work in the wake of the coronavirus. Relieved of the pressure to move quickly, organizations must take the time to properly evaluate the technologies, processes and controls they need to securely accommodate remote workers. Give us a call to learn more about Cisco AnyConnect and many other communication and collaboration resources that can ensure the security and productivity of your remote workforce.

Related Articles

A sampling of other articles you may enjoy if you liked this one.

Webinar Replay: Cisco SecureX, Threat Response, and APIs
Jun 25, 2020

Are you overwhelmed by too many security investigation tools? Time is a scarce resource for many or...

Read More
incident response
A State and Local Government Guide to Developing an Incident Response Plan
Jun 9, 2020

Incident Response Plays a Key Role in Effective Cybersecurity Experts say that a security breach is...

Read More
Government Cyber Risks
The Growing Cyber Risks Facing Government Agencies
Jun 2, 2020

Ransomware attacks against state and local governments have been on the rise over the past few years...

Read More
For Emergency Support call: (877) 423-7486
For other support requests or to access your Cerium 1463° portal click here
Stay in the Know

Stay in the Know

Don't miss out on critical security advisories, industry news, and technology insights from our experts. Sign up today!

You have Successfully Subscribed!