When the Akamai IdP capability is used, Enterprise Application Access integrates directly with Akamai MFA to provide phish-proof multi-factor authentication. It also integrates with Cisco Duo. If a third-party IdP is used, Enterprise Application Access will use the MFA service deployed in the IdP.
Ensure the right user has the right level of access to your applications
Akamai Enterprise Application Access is a Zero Trust Network Access solution that provides fast, secure, identity-based access to private applications. It uses real-time data such as user location, time, and device security to grant access only to necessary apps, eliminating network-level access. Delivered via Akamai Connected Cloud, it ensures responsive performance for all applications.
Scale application access with fast and intelligent security instead of VPNs
How Enterprise Application Access works
Features
- Zero Trust Network Access (ZTNA) as a service
- Device posture for adaptive access based on risk
- Multicloud flexibility to control app access, irrespective of where applications are hosted
- Integration with your existing IdP infrastructure or Akamai cloud IdP
- Edge Transport for superior application performance
- Secure clientless application access
- Local PoP for optimal in-office application access with consistent policy ZTNA enforcement
- Integrates seamlessly with Akamai MFA and Akamai Secure Internet Access
Enterprise Application Access Use Cases
Learn more about a few common ways Enterprise Application Access is used.
Zero Trust Network Access
Reduce VPN Reliance
Hybrid Workforce Secure Access
Secure Third-Party Users
Zero Trust Network Access
Application access based on Zero Trust
Providing secure access to applications and resources is a key step for any organization moving to a Zero Trust Architecture. Enterprise Application Access is a complete Zero Trust Network Access solution based on Zero Trust principles of “never trust, always verify” and provides dynamic application access based on identity, context, and device posture. It eliminates implicit trust and enforces strict identity verification and least-privilege access policies for every user identity, device, or application regardless of where they are located, and supports all cloud environments. Enterprise Application Access reduces an enterprise’s attack surface, prevents lateral movement, and simplifies administrator experiences through centralized policy management.
Reduce VPN Reliance
Reduce your reliance on virtual private networks (VPNs)
VPNs provide employees remote access to corporate resources and applications located in on-premises data centers. But as organizations move to the cloud, applications can be hosted everywhere, and hybrid working means employees are working from anywhere using managed and unmanaged devices. VPNs also require inbound access through the firewall, which exposes your applications and can lead to threat actors gaining unbridled access to your network. Enterprise Application Access eliminates network-level access and replaces it with granular access to specific applications hosted anywhere and employees working everywhere.
Hybrid Workforce Secure Access
Fast and secure application access for your hybrid workforce
Hybrid work environments, which include both in-office and remote users, can increase your organization’s attack surface. Enterprise Application Access offers a more secure solution by providing access to private applications on a per-app basis, eliminating the need for network-wide access. This approach reduces your attack surface and prevents lateral movement in the event of a security breach. It ensures a secure, seamless, and low-latency experience for all users, regardless of their location, while maintaining a strong security posture for your hybrid work program.
Secure Third-Party Users
Secure application access for contractors and partners
Providing secure application access for partners, suppliers, and contractors limits your cybersecurity risk. Enterprise Application Access is a ZTNA solution that provides application access at a per-app level without the need for network access, which limits your attack surface should a third-party endpoint or user identity become compromised. Simplify onboarding by using the Enterprise Application Access cloud IdP to quickly add third-party users.
Frequently Asked Questions (FAQ)
Most Zero Trust Network Access (ZTNA) solutions create tunnels and have a reverse proxy to allow user access, but they do not have inspection and service creation policies. They only protect the integrity of the transfer. Enterprise Application Access wants to know what the contents of that communication path are in addition to ensuring the integrity of the transfer, thereby increasing secure access. For apps that need an additional layer of protection, Akamai App & API Protector can be utilized to further harden your security posture.
Enterprise Application Access device posture is a key feature for allowing, denying, or limiting user access to applications. It operates alongside authentication authorization and access control rules, and gathers information about the status of the device (e.g., if the device firewall is enabled, if it has the most up-to-date operating system, or if anti-malware is installed). It also gathers external threat signals from Akamai Secure Internet Access, Carbon Black, and CrowdStrike. You can create risk tiers that allow you to deny or limit application features based on the risk profile of the device. Device posture helps to ensure that the devices accessing applications satisfy the necessary security requirements.
Enterprise Application Access integrates with most existing identity providers (IdPs), such as Akamai, Google, Ping, Okta, Microsoft Azure AD, or any other SAML-based IdPs.
This is done by deploying the Akamai connector virtual machine in the same location as the applications you want to make available. The connector can be installed in on-premises data centers and private and public clouds. Once deployed, the connector establishes a connection with the application, then makes an outbound connection to the Enterprise Application Access reverse proxy. When an authorized user connects to the application, the proxy connects the user to the application. Connectors are available for VMware, VirtualBox, Amazon Web Services (AWS) EC2/VPC, OpenStack/KVM, Microsoft Hyper-V, Docker, Microsoft Azure, and Google Compute Engine (GCE).
Enterprise Application Access is delivered from Akamai Connected Cloud, the world’s most distributed cloud security platform. This ensures that ZTNA infrastructure is deployed close to where your users are located and applications are hosted. Application traffic is automatically routed over Akamai Connected Cloud between the user and application to ensure that applications are fast and responsive and deliver a delightful end-user experience.
Enterprise Application Access allows you to enforce consistent application access policies, irrespective of where your users are working from. For the scenario where applications are hosted on-premises and users are working in the office, the local PoP capability enforces the access policy and connects directly to the application to eliminate the performance impact of hairpinning traffic to the cloud PoP.
Free 60-day trial: Try Enterprise Application Access
Discover the benefits of Enterprise Application Access for yourself:
- Secure connectivity for clientless web-based applications, as well as applications requiring a client that use non-HTTP/HTTPS protocols
- Integrate seamlessly with your existing identity provider and other security ecosystem tools, such as SIEMs
- Easily scale and deploy across all infrastructures with high availability, server load balancing, and automatic app routing
- Enable real-time adaptive access decisions based on device posture, delivering complete Zero Trust Network Access
Set up your 60-day free trial:
- Submit form
- Confirm your email
- Pass Akamai’s validation and vetting process
- Receive login instructions
- Log in and set up your instance of Enterprise Application Access
Terms and restrictions apply.