Banyan vs BlackRidge Technology Transport Access Control comparison

Traditional secure remote access solutions like VPNs don’t work anymore for today’s world where users, devices, and applications are highly distributed and dynamic. We need three foundational building blocks to provide a complete solution:

1. Quantified Trust: User and device trust are no longer black or white, but rather like shades of grey where depending on the security posture the same user and device may be allowed different levels of access.

2. Continuous Authorization: The channel cannot be validated with just one-time authorization, but rather needs to be continuous authorized based on zero day attacks, unauthorized user activity.

3. Decentralized Enforcement: The access enforcement cannot be centralized to handle the large scale and security concerns of modern enterprises. We need a highly distributed architecture that scales with applications and clouds.

BlackRidge products include hardware and software gateways and software endpoints that implement BlackRidge Transport Access Control (TAC) with First Packet Authentication™. BlackRidge gateways and endpoints perform identity insertion, identity resolution and policy enforcement on network sessions. Identity insertion is the process that associates a network connection request with a user or device identity and inserts identity tokens into TCP sessions. Identity resolution is the reverse process by which a BlackRidge gateway or endpoint associates and authenticates an identity token with a user or device identity. Policy enforcement implements the provisioned security policy — forward, redirect, or discard — for the connection request to a protected resource.