As a start ZAFEHOUZE follow 'security first' principles. This means the design HAS NO dependencies to any third-party security solutions like x.509 (PKI, TLS etc.), nor do you need VPN, IPSec, PIM/PAM, IAM, DLP, CASB etc. (unless you want to). All you need to accessing IT-systems securely is built in - totally transparent.
ZafePass only use the infrastructure as backbone - as a resource for conneting the right user with the right resource. If the infrastructure is breached - it can't affect ZafePass on a security level - but the service is 'currently unavailable' if you havent fault tolerent and redundant setup.
The ZafePass design and functionality has many advantages, which we run through in our "simplification" and "design-thinking" workshops, but generally we don't recommend not having End-Point Detection & Response, DNS filtering, Mail Scan and for large installations also IAM (ID Access Management).
Another important element is that ZafePass DON'T require re-routing of traffic and it is NOT hardware appliance based.
The ZafePass Agent can be both be installed and executed via removable media, all needed security is built-in and by using obfuscating techniques the environment behind ZafePass is now completely hidden fron external unintended parties and attackers - and the environment is fully controlled from your IT-admins.
The ZafePass design is superior lowering cyber-security operating cost. Not only does ZafePass provide significant cost and resource savings in solutions you no longer need and no longer need to maintain and operate.
This will save IT-teams from exhaustion, help them keep up with all the other tasks as workload becomes acceptable.
Setting up a ZafePass environment takes between a few hours and a few days. It's not weeks or months - and it can easily be done from remote. On-/off-boarding of users, resurces, adding applications and services as menu items takes a few minutes - and if you security policy allow it, these are instantly enforced and either available to the user or not. If a resource should no longer be provided - the menu items disspears from the Users ZafePass Agent.
Many ask how ZafePass compares to VPNs. Its an unfair comparison. Try configure 10 or 10,000 og 100,000 VPN connections and you realize it's a daunting task the more users you have. With ZafePass the same exercise takes from a few minutes to an hour. If the application or service is defined, tested and ready - it can be deployed by adding the service as a menu item to all. The same applies if you want to terminate all connections for security purposes (a kill switch if you like).
Have you ever exerienced problems using VPNs working on a train, in an airport, on a plane - wen you're on the move? Mobility and VPNs are not designed for the same purpose.
ZafePass is designed for mobility. When the connection fails - just keep on working - once the connection is available again, ZafePass will automatically re-connect and sync up.
The ZafePass design could accomodate all people on the planet. Literately all of us - that's how scalable ZafePass is. Just add the number of ZafePass access-points/gateways and these are designed to share the load and if one is unavailable the user automatically connects to the next.