How about Cloud Secure Edge?
Simon_Weel
Enthusiast ✭✭
We use Remote Desktop to access pc's from the home. I know it's not the most secure solution for remote access. And no, we don't have port 3389 open for the whole world - it's tied to the home-IP-address. We asked our Sonicwall supplier how to elevate the security for Remote Desktop. They come up with Cloud Secure Edge. Read the product description, but It's not clear to me what it does and how it works? To me, it looks like a 'firewall in the cloud'.
So I wonder what it is exactly. And more important, what are the opinions / experiences of those who actually use it?
Category: Cloud Secure Edge
0
Answers
@Simon_Weel I'am currently in the process of evaluating both components of Cloud Secure Edge. Secure Private Access would the part for your requirement.
The big advantage is, that you don't need to open any ports facing the Internet, it's all done via a Connector component which can run on a SonicWall with SonicOS 7.1.2 (yikes!) and up. The connector is also available on Linux, Docker, VM or Windows. For example I deployed a connector on Docker in my AWS environment and now I can connect to my internal resources without accepting VPN on my AWS gateway. It's all done internally with a Wireguard tunnel.
You can publish Web Applications which does some kind of Reverse Proxy, or you allow full fledged Tunnels.
I highly recommend the Documentation, which holds some great insights.
https://docs.banyansecurity.io/
I can't give a final verdict at the moment because I already experienced some bumps on the road, as usual. I'am a magnet for that. But it's on my radar and I have high hopes in it, because it's not only bound to SonicWall Firewalls, time will tell.
—Michael@BWC
FYI: In addition to the web applications, the proxy configuration in the CSE console can also surface infra services so you could actually surface a RDP service as an alternative without doing a full fledged tunnel — speaking specifically to the request to surface 3389 to users.
That might also be preferable if you'd like to surface a catalog of services in the desktop app for users with descriptions, help links, auto-run, etc.