Deliver Corporate-level Network Security to Anywhere in the World

Zyxel_Carter Posts: 62  Zyxel Employee
First Anniversary Friend Collector First Comment
edited June 2023 in Nebula Security Gateway
Due to the pandemic, businesses now need to ensure their networks can be accessed securely outside the office by their employees working at homes or remotely while still providing the same level of corporate security.

What We Offer?

Based on the zero-trust network security, Zyxel has developed the Remote Access Point (RAP) functionality in its latest Nebula 11 release; network admins can easily preconfigure all business APs with secure tunnels in Nebula Control Center (NCC) to protect the connections between homes and offices with stronger encryption. Simply send the APs to employees to install at homes – and they are instantly connected back to the USG FLEX firewall located at the headquarters to gain access to the corporate network and resources while being protected with the corporate-level security.

Just as they would be in the office, the RAP is an extension of the corporate network to the user’s location no matter where they are in the world. Security threats and risks will be blocked or quarantined automatically by the corporate network policy at the network edge without the need of IT close monitoring and immediate response to avoid any damage to the network security.

Who Needs It?

This is a no-brainer for an employee who needs to connect to the corporate network at their homes or just about everywhere in this world, perfectly for work-at-home staff, top management, or sales team who are constantly on the go. It is particularly beneficial for employees who have little IT knowledge of setting up a VPN connection or those who don’t want to be bothered with repetitive VPN logins.

Zyxel’s Secure WiFi Solution

Remote AP (RAP)

RAP involves configuring a standard AP in Nebula to provide services to the user by tunneling back to the corporate network with the same SSIDs, the same security controls, and even the same IP address, just as they would be in the office.
*The Secure WiFi license is required to enable RAP functionality.

As of May’21, the following models support RAP with secure tunneling:

WiFi 6:

802.11AC Wave2:

Same Security Across Networks

With a growing number of devices, how to strike a balance between productivity and security protection has become a priority for many businesses. Whether it is a wired, wireless, or IoT device, Zyxel’s USG FLEX firewall series provides the Secure WiFi service to ensure the same network controls at the headquarters and any other remote workplaces. The same work experience can be easily and securely extended to any location outside the office with the adoption of secure tunneling and strict two-factor authentication.

Safer Tunnel Protection

  • WPA2 Enterprise can authenticate the connected devices or individuals remotely and has a very rigorous and safe authentication method that is not easy to be broken. It supports dynamic VLAN, giving users great convenience and improved security.
  • In order to protect the user accounts and data from security risks and cyberattacks, two-factor authentication provides an extra layer of security with low or even zero additional cost. It helps increase productivity by letting network users safely use their personal devices to authenticate and gain access to the network.

Image 1: The RAP function with a two-factor authentication with GA enables an instant, yet completely secure tunnel to the company network for WTH employees, just as they would be in the office.

Reducing complexity through Nebula Secure Cloud Networking

Nebula centralizes configuration, management, and troubleshooting on a single platform, reducing the complexity of managing RAP systems. When there is an issue, very few home users have the ability to troubleshoot the problem. By centralizing everything on a single platform, corporate IT staff is able to configure, manage, and troubleshoot the connectivity for a remote workplace using Nebula. IT is able to push the latest configurations to the home user when the device boots. Encryption can be configured, security policy can be enforced, and actions can be taken if there is a malicious client or activity to ensure maximum network safety. Also, troubleshooting can be performed on Nebula centralized platform remotely where a truck roll is not possible nor cost effective.

Image 2: IT configures RAP on Nebula centralized platform.

Image 3: IT monitors the RAP connection on Nebula centralized platform.