This demo presents Banyan Security’s single-click access to applications and services via our Zero Trust Network Access framework. We will review how Banyan ZTNA works so you know the components that are involved and what’s really going on behind the scenes. Enjoy the presentation!
Hello, this is Ashur Kanoon with Banyan Security, and today, we’re gonna look at a demo of single-click access. Before we get to the demo, I’m just gonna quickly go through how Banyan ZTA work so you know the components that are involved and what’s really going on behind the scenes. We’re gonna look at a very simple end-user experience. The user will not even know that Banyan is running, but a lot of cool things happen in the background. That’s when we’re gonna switch over to the admin portal to see what’s happening in the background.
For Banyan’s zero trust access, there are three components. There’s the Banyan app that gets installed, this can be a manual installation, it can be installed, using, like, a SCCM. , and as part of the installation, there’s certificates and things that are installed that we use. Then there’s the Flexible Edge. This is a component that could be a small connector that gets installed on your network to give the end user access to everything that’s on-prem and cloud resources. And then there’s a cloud command center, that’s where all the configuration and everything gets done. It’s one place where you log in to configure your full global deployment.
So when the end user makes the request, the request actually goes to the Flexible Edge first then to the command center. And then there’s some things that happen in the command center. We reach out to, like, a SAML or OIDC identity provider and then we fetch a bunch of device, trust information. All of this stuff can be completely transparent to your end user, which makes this, single access, single-click access easy. So in this case, the trust score for the user is at a point that we allow and they get access to their internal applications. If for whatever reason the trust score gets evaluated and it doesn’t meet the threshold that we’ve set, then everything gets denied right away. And we’ll take a look at this also in the demo.
Okay, so here I have my browser. I have a link to an internal application. This is the, the trials platform for MedSoft Digital. And from an end user, they’ll usually have a bookmark, that they save. So they just wanna go about their, work as usual. So in this case, I’m going to hit enter and as you can see, I’ve actually gotten into my application. And you might be telling yourself, “Well, is this a web hosted application? Like, what’s really going on?” Well, a lot of things happened. Authentication, happened based on a certificate, that’s transparent to the user. The authorization happens in the background. There’s also device posture assessments that are happening. So you can see I accessed everything and I didn’t have to use my client. But let’s take a quick look at the client.
So this is the Banyan desktop application. As you can see, I am not logged into the application. I don’t need to be logged in, for this proxy to access. If we look at the device state, my device is at 100% trust level. So all of the stuff happens, in terms of figuring out the state of the device, working with the EDRs or UEMs to make sure that we’re getting all the device information. And because I’m an authenticated user on a device that’s meeting the trust score and I’m authorized to access the application, I was actually led in. Right? So for the end user, they never have to actually interact with the client, so I’m gonna go ahead and close that. and they’re just able to proceed with their work, as usual. So in this case, I was able to access an internal application that’s sitting behind, one of our connectors. So this is completely private, but it led us in.
So now, I’m going to go into the admin console and show you what actually happened. Test Drive is the, organization, for this user. Now, if I go and I look at the logs, we can see the log, actually starts here. So I’m on my MacBook Pro. This is my user’s Ashur. We actually have federation, that works with Okta. The way we do single-click is Okta generates a token, the token is then shared between the end user device and the cloud controller and it authenticates me using certificate based and these tokens. It knows that my device is a trusted device. In this case, we do the device check here and my device is, meets all the compliance checks and everything. So we’re, we’re good to go, and then I’m served up the application.
The application does sit behind one of our connectors. So as long as my device is in compliance, I should be good to go. Okay. So now, we’re gonna take a quick look and see what happens when my device goes out of compliance. So for this to happen, I’m going to run a bit mining script, that gets detected as something that we don’t want running. It gets detected and triggered through our integration with CrowdStrike and it’ll tell us that, “Hey, you’re running a script or something on your system that you shouldn’t be.” My trust score will go down and then I’ll lose access to, my internal application. I’m gonna go ahead and run, the bit mining script. So it’s gonna start a container. It’s gonna start, running the package that has the bit mining malware, I guess you can call it, in there. Um, and it’s already started and running. Now, let’s take a look at what happens to my trust score.
So my trust score is now zero because malware was detected. Then if we go back and look at access, if I refresh this, now, I have unauthorized, access because my device is out of compliance. And if I go back to my log in, refresh this page, now you can see that my device, the trust score, doesn’t meet the authorize level and, I no longer have access.
Free for up to 50 Users
Simple, secure, & free!
Quickly provide your workforce secure access to corporate resources and infrastructure.