Banyan Security FAQ

What is the Banyan Security Platform?
What does Banyan Security do?
Today’s computing world has become truly perimeter-free. Remote employees and contractors in coffee shops, airports, and homes access internal applications running in multiple public clouds, connecting to other cloud applications and enterprise data centers. Mobility, containers, and public and private clouds have unleashed innovation like never before.

Yet this creates tremendous challenges for securing this ever-growing and interconnected access surface to protect information, ensure compliance, catalyze innovation, and deliver an outstanding user experience.

At Banyan Security, we help IT and Security teams successfully deliver modern secure remote access to both today and the next generation of users and applications.

Our Security Service Edge (SSE) solution – the Banyan Security Platform provides secure, zero trust “work from anywhere” access to applications and resources for employees and third parties while protecting them from being phished, straying onto malicious web sites, or being exposed to ransomware. A Flexible Edge architecture enables rapid, incremental deployment on-premises or in the cloud without compromising privacy or data sovereignty. A unique device-centric approach intelligently routes traffic for optimal performance and security delivering a great end user experience. Built on a patented Zero Trust architecture, the Banyan solution transparently deploys in hybrid and multi-cloud environments, continuously enforcing trust-based access policies based on any combination of user, device, and application contexts.

How does the Banyan Security Platform work?

Banyan makes access to private networks easy and secure for everyone, from small teams to global enterprises. We’ll dive into how it works by looking at the main components:

  1. The Cloud Command Center is our cloud-based management and visibility platform which integrates with various services, such as IdP, EDR, and UEM to learn about the user and devices. It also integrates with threat feeds to provide enforcement policies on outbound traffic. The Cloud Command Center also provides discover and publish functionality, allowing enterprises to quickly locate resources and create least privilege access to them, whether they are on-premises, in SaaS, or IaaS.
  2. Flexible Edge enables easy deployment anywhere your resources live. The Flexible Edge provides a multi-cloud identity-aware access proxy that securely cloaks cloud applications and servers from malicious attacks or inadvertent exposure and also provides real-time enforcement of accessibility due to policy infractions. Flexible Edge can be easily deployed using tarball, Docker, and Terraform.
  3. The Banyan app, available on desktop and mobile, is recommended but not required. The Banyan app provides VPNaaS and ZTNA connectivity, along with making SWG and CASB decisions. The Banyan app is also used to gain visibility into the device for real-time Device Trust insights. The Banyan app communicates with the Cloud Command Center for authentication and authorization decisions, aka control plane communication. It also communicates directly with the Flexible Edge for all data plane related activities.

Banyan Security Platform Diagram image


Can I replace my legacy VPN with the Banyan Security Platform?

Yes! Banyan’s Security Service Edge (SSE) solution provides seamless remote access to employees and third-parties while eliminating massive security gaps, streamlining IT management, and removing choke-points for your users.

The Banyan Security Platform enforces least-privileged access to applications and services in real-time, leveraging your existing enterprise identity and security tool investments. Built on a patented zero trust architecture, the Banyan solution transparently deploys in hybrid and multi-cloud environments, continuously enforcing trust-based access policies based on any combination of user, device, and application contexts.

Can I deploy ZTNA and keep my existing VPN?

No problem! The Banyan Security Platform’s Zero Trust Network Access solution can be deployed alongside existing infrastructure – no need to rip and replace. Banyan offers an incremental “deploy-as-you-go” model for admins and users that includes co-existence with VPNs, one app or service at a time, permissive mode (learning) vs. enforcing, and more.

Is an endpoint client required for the Banyan Security Platform?

Banyan’s Security Service Edge (SSE) solution can be deployed without an endpoint client; however, you get some important benefits by using the lightweight Banyan app. Banyan delivers a robust Device Trust solution featuring passwordless access that takes advantage of a lightweight app that can be easily installed by the end user or silently deployed by the administrators. Unlike MDM and UEM products, the Banyan app does not provide any administrative control over the end user’s personal device, making it attractive for employer-owned and BYOD (employees, contractors, etc.) devices alike.

What is the Banyan app? Is it required?

The Banyan app is a cross-platform endpoint client, installed on end user desktop and mobile devices. The app is used to register and authenticate end user devices with the Banyan Cloud Command Center. Note that the Banyan app is optional on MDM-managed devices on which you can install a Device Certificate via your device manager.

The Banyan app allows users to self-register devices and enjoy one-click access to a personalized catalog of corporate resources (websites, applications, services, infrastructure, etc.)

Should users be concerned about privacy with the Banyan app?

The Banyan app was developed with privacy in mind.

The Banyan app was developed with privacy in mind.


How do I manage the Banyan Security Platform?

The Banyan Cloud Command Center is the central management console for IT Administrators and Security teams. You can interact with the Command Center via the web portal or the RESTful API, to develop and enforce policies, configure alerts for security events and visualize real-time connectivity.

The Cloud Command Center is a SaaS platform, connected with your enterprise identity provider, that lets users write granular policies based on user and device entitlements. The Command Center issues short-lived tokens and certificates, offering one-click access to applications and resources, while also ensuring every access granted is continuously authenticated and authorized.

What kind of automation capabilities are available in the Banyan Security Platform?
  • Discover and Publish provides a streamlined way to secure access to hybrid and multi-cloud infrastructure. Banyan Security is providing customers with the following benefits:
    1. Improved time to value – Banyan Security provides a quick and effective way to create least-privileged access to your infrastructure and services.
    2. Scalable IaaS access management – Banyan Security provides a modern, consistent way to manage access to IaaS workloads across any cloud.
  • RESTful APIs from Banyan automate security policies
  • Terraform SupportTerraform is an “infrastructure as code” tool that lets users define corporate resources in human-readable configuration files. A Terraform Provider is a plugin that lets users manage external APIs, facilitating Terraform’s communications with various cloud providers, databases, and services. Learn more here.
How do I get started?

Banyan can help you identify a meaningful remote access project and configure your environment for a zero trust security posture. And best of all, it is designed for an incremental rollout in any environment, integrating with existing EDR, MDM/UEM, and SIEM solutions. You can even deploy it alongside your existing VPN as you evolve your network infrastructure.

Speak with our Zero Trust experts about your security initiatives.

Get Started now with a free trial of the Banyan Security Platform Team Edition – Deploy in just 15 minutes.

Can I really deploy Banyan Security’s solution in less than 15 minutes?

Yes! You can get the Banyan Security Platform Team Edition installed, deployed and adding value in less than 15 minutes. Here’s a video showing Dr. Chase Cunningham deploying the Banyan solution in his environment.

Why choose the Banyan Security Platform?
  • Easy to deploy and use – most folks are up and running in 15 minutes or less, delivering an end-user experience that is superior to other forms of remote access.
  • Actionable insights – Banyan offers actionable insights through deep visibility into the applications, services, users, devices, and activity that are present, which permits superior control and accountability.
  • High security – the Banyan Security Platform is built on a foundation of zero trust principles that dramatically improve your organization’s security posture. These features include least privilege access, continuous authorization that leverages real-time device posture and trust, user trust, and resource sensitivity as defined in granular policy controls.

Get started on your Zero Trust Journey.