Ericsson announced an expansion of its NetCloud SASE with clientless Zero Trust Network Access. This innovation empowers organizations to securely connect third-party and BYOD users to authorized resources with enhanced security. Building on Ericsson’s existing client-based ZTNA, the new solution offers flexibility for lean IT teams navigating managed and unmanaged devices in dynamic, wireless-first settings.
According to KPMG, 73 per cent of organizations have experienced at least one major disruption tied to third-party cyber incidents over the past three years. Ericsson’s clientless ZTNA solution enhances protection against these events with embedded isolation technology. Unlike other clientless solutions relying solely on access controls, NetCloud SASE activates application sessions in isolated cloud containers for unmanaged or BYOD device access. This air-gaps corporate systems from potentially insecure devices, preventing malware spread into the enterprise.
Pankaj Malhotra, Head of WWAN & Security, Enterprise Wireless Solutions at Ericsson, stated: “5G uniquely introduces a surge of IoT and OT assets, which are frequently monitored and maintained by third-party suppliers and contractors. Unlike legacy VPNs that provide broad network access and are difficult to implement, NetCloud ZTNA offers a straightforward, policy-based solution that ensures users have isolated access to resources based on the principle of least privilege.”
Key features of NetCloud SASE with clientless ZTNA include:
– Clientless Secure Access: Contractors and BYOD users can access isolated applications via a secure URL, eliminating the need for VPNs, clients or special browsers.
– IoT/OT asset and corporate application protection: Interactions between unmanaged users and corporate systems are isolated in cloud containers, safeguarding applications from potential malware infections.
– Granular access based on least privilege: Access is controlled by detailed policies based on user roles, device types, and other factors, ensuring users receive only the necessary level of access.
– Continuous Risk Assessment: Real-time analytics and intrusion detection system/intrusion prevention system (IDS/IPS) allow for instant access revocation in response to changes in user context and risk levels.
– Zero-trust based: This unique architecture removes the need for static public IP addresses, hides all internal IPs, defaults to deny all, and enables micro-segmentation, which prevents lateral movement within the network.
– Single-platform Management: Integrated into NetCloud Manager for simplified deployment, visibility, and policy enforcement alongside 5G WWAN, SD-WAN, and other SASE security features.
– Seamless integration with Existing Identity Providers: Leverages existing enterprise Identity and Access Management (IAM) platforms for seamless user authentication and authorization, preventing identity sprawl.
John Grady, Principal Analyst at Enterprise Strategy Group, now part of Omdia, said, “VPNs fail to address modern secure access needs due to their complexity, management overhead, security vulnerabilities, and performance issues, making ZTNA a must. But ZTNA solutions that rely on agents make it difficult for overburdened IT teams to deploy to third-parties needing access to corporate resources. For organizations adopting a wireless-centric strategy, NetCloud SASE clientless ZTNA offers a unique, isolation-based approach which grants access to specified assets, while providing effective protection against malicious activity and the threat of malware.”
NetCloud SASE with clientless ZTNA is now available and included as part of the NetCloud ZTNA license. The solution will be showcased at RSA Conference on April 28, 2025, marking the first time an enterprise 5G router vendor has delivered a fully integrated, clientless ZTNA solution under fully unified management.
To learn more about Ericsson Enterprise Wireless Solutions security capabilities, please visit the Ericsson NetCloud SASE page.
Source: Ericsson
