Introducing Enhanced Trusted Network Detection in Harmony SASE
In the ever-evolving landscape of secure access service edge (SASE), understanding the network context is key to delivering seamless and secure connectivity. With this in mind, we’re excited to introduce a new trusted network detection method designed to enhance security, flexibility, and reliability for our customers.
What Are Trusted Networks?
Trusted networks are predefined network environments that your organization recognizes as secure, such as your corporate offices or specific branch locations. When the SASE agent detects that it is operating within a trusted network, it can adjust its behavior, such as bypassing certain security checks or applying different policies, to optimize performance while maintaining security.
What’s New in Trusted Network Detection?
Our latest update adds secure HTTPS-based detection to our arsenal of methods for identifying trusted networks. Here’s how it works:
- HTTPS Connectivity Check to Internal Web Server: The agent securely connects to an internal web server within the trusted network. This ensures that only predefined networks with the appropriate server are recognized as trusted.
- SSL Certificate Validation (Optional): For added security, you can choose to validate the server’s SSL certificate. This prevents tampering and ensures that the detection process is both robust and secure.
- Continued Support for Router MAC-Based Detection: While the new HTTPS-based method provides an advanced option, we continue to support detection based on router MAC addresses. This ensures backward compatibility and flexibility for diverse network environments.
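The HTTPS check with optional certificate validation, sketched as an added example (this is not Harmony SASE agent code). It assumes validation means comparing the server's leaf certificate against the SHA-256 fingerprint of the certificate you uploaded; the host name and the `fetch` parameter are hypothetical, and the sample certificates are constructed byte strings.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def fetch_leaf_cert(host: str, port: int = 443, timeout: float = 3.0):
    """Return the server's leaf certificate (DER), or None if unreachable."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    # No chain validation here: the pin comparison below is the trust decision.
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.getpeercert(binary_form=True)
    except OSError:  # refused, timed out, DNS failure, TLS handshake error
        return None


def on_trusted_network(host, pinned_sha256=None, fetch=fetch_leaf_cert) -> bool:
    der = fetch(host)
    if der is None:
        return False  # server not reachable: treat the network as untrusted
    if pinned_sha256 is None:
        # Validation off: any server that answers TLS at this name passes.
        return True
    expected = pinned_sha256.replace(":", "").lower()
    return hmac.compare_digest(fingerprint(der), expected)


if __name__ == "__main__":
    # Constructed stand-ins for DER certificates, so the demo runs offline.
    corp, other = b"constructed-corp-cert", b"constructed-other-cert"
    pin = fingerprint(corp)
    host = "intranet.example.internal"  # hypothetical internal server
    print(on_trusted_network(host, pin, fetch=lambda h: corp))    # office network
    print(on_trusted_network(host, pin, fetch=lambda h: other))   # different server
    print(on_trusted_network(host, None, fetch=lambda h: other))  # validation off
```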
Why HTTPS-Based Detection?
This new method provides several advantages:
- Enhanced Security: With SSL certificate validation, organizations can ensure the integrity of the trusted network detection process.
- Flexibility: The HTTPS method works seamlessly in environments where router MAC-based detection may not be feasible or reliable.
- Scalability: HTTPS detection aligns well with larger, distributed networks where managing MAC-based configurations can be cumbersome.
How It Benefits You
- Improved User Experience: By accurately detecting trusted networks, the agent can apply optimized policies, reducing latency and improving end-user performance.
- Seamless Transition: Whether using the new HTTPS-based detection or the existing MAC-based method, the system adapts to your network requirements.
- Future-Proof Security: With SSL certificate validation, you’re protected against increasingly sophisticated spoofing and tampering attempts.
Getting Started
To enable the new HTTPS-based detection method:
- Configure your internal web server to respond to the agent’s HTTPS connectivity check.
- Optionally, upload your SSL certificate to ensure secure validation.
- Define your trusted networks within the SASE management console.
For customers already using router MAC-based detection, the transition to HTTPS-based detection is smooth and optional. You can choose to use either or both methods to meet your network requirements.