Secure Private Access (SPA) – Use case Realisation Steps

1       Overview

Secure Private Access (SPA) is a cloud-based Software Defined Perimeter (SDP) or Zero Trust Network Access (ZTNA) solution that is delivered through the Intelligent Cybersecurity Mesh™.

SPA provides zero trust, secure remote access to internal applications running in public cloud environments or private data centers, reducing risk and simplifying security operations. With SPA, applications are never exposed to the internet, making them inaccessible to unauthorized users.

SPA provides a simple, secure, and effective way to access internal applications. Access is based on policies created by the Workspace admin within the Exium Admin Console.

An LGW is a Local Gateway that securely provides private access to resources (services and servers) for the users for whom trust paths are defined.

This document provides a step-by-step procedure for realizing Secure Private Access (SPA) for your workspace by walking through a reference use case.

2       Use case

This use case defines Secure Private Access (SPA) for the users of a workspace.

For simplicity, the use case assumes the following:

  • Number of users in the workspace: 4, excluding the workspace admin
  • Number of user groups: 2 (itadmin and development)
  • Number of LGWs: 2
    • LGW deployed in the SFO datacentre as lgw.dc.sfo, with 2 sets of services/servers behind it.
      • dc.sfo.services with subnet 192.168.10.0/24, hosts different organizational service apps like Jira, Bitbucket etc.
      • dc.sfo.servers with subnet 10.10.10.0/24, hosts different organizational production servers
    • LGW deployed in the NY datacentre as lgw.dc.ny, with 1 set of services/servers behind it.
      • dc.ny.servers with subnet 172.168.10.0/24, hosts different organizational testing/dev servers.
  • Number of Trust paths are 3:
    • Trust path access from dc.sfo.services to user groups itadmin and development
    • Trust path access from dc.sfo.servers to user group itadmin
    • Trust path access from dc.ny.servers to user groups itadmin and development
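
The use case above, modelled as data and reviewed before it is entered in the admin console. This is an added example, not Exium's code; the data layout, the function names review and reachable, and the default-deny reading of trust paths are assumptions.

```python
import ipaddress

# Values from the use case in section 2; the data layout is an assumption.
GATEWAYS = {"lgw.dc.sfo", "lgw.dc.ny"}
GROUPS = {"itadmin", "development"}
TRUST_PATHS = [
    # (group name, network destination, gateway, allowed user groups)
    ("dc.sfo.services", "192.168.10.0/24", "lgw.dc.sfo", {"itadmin", "development"}),
    ("dc.sfo.servers", "10.10.10.0/24", "lgw.dc.sfo", {"itadmin"}),
    ("dc.ny.servers", "172.168.10.0/24", "lgw.dc.ny", {"itadmin", "development"}),
]
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def review(paths=TRUST_PATHS):
    """Return findings to resolve before the trust paths are entered."""
    findings, seen = [], []
    for name, dest, gateway, groups in paths:
        net = ipaddress.ip_network(dest)  # ValueError on typos or host bits set
        if gateway not in GATEWAYS:
            findings.append(f"{name}: unknown gateway {gateway}")
        for group in sorted(groups - GROUPS):
            findings.append(f"{name}: unknown user group {group}")
        if not any(net.subnet_of(private) for private in RFC1918):
            findings.append(f"{name}: {dest} is not RFC 1918 private space")
        for other_name, other_net in seen:
            if net.overlaps(other_net):
                findings.append(f"{name}: overlaps {other_name}")
        seen.append((name, net))
    return findings


def reachable(group, ip, paths=TRUST_PATHS):
    """Assumed default deny: only a matching trust path grants access."""
    addr = ipaddress.ip_address(ip)
    return [name for name, dest, _, groups in paths
            if group in groups and addr in ipaddress.ip_network(dest)]


if __name__ == "__main__":
    for finding in review():
        print("REVIEW:", finding)
    for group in sorted(GROUPS):
        print(group, "->", [p[0] for p in TRUST_PATHS if group in p[3]])
```

Run against the values above, review reports one finding: 172.168.10.0/24 lies outside 172.16.0.0/12, so it is publicly routable address space rather than a private range.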

 

2.1       Prerequisites

  1. Workspace creation: Please follow the steps mentioned in the “Getting Started with Workspace” manual.
  2. Users and User groups creation: Please follow the steps mentioned in the “Onboarding Users and groups” manual.

3     SPA Use case Realisation – Steps

  1. On the Service Portal admin console, click on “Gateways” as shown below.
  2. On the Gateway Management page, click on “Upload Gateways” as shown below.
  3. Refer to the following CSV file for the CSV format of gateways.
  4. Select the CSV file from the file browser of your local file system and click on “Open” as shown below.
  5. You will see a successful upload message and the newly added gateways in the gateways table as shown below.
  6. On the Service Portal admin console, click on “Trust Paths” as shown below.
  7. On the Trust paths page (sub tab on User Management page), click on “Add Trust Path” as shown below.
  8. Proceed to enter all the details like Group Name (mandatory), Network Destination (mandatory), Gateway (mandatory), Allowed User Groups (multiple – user groups which can access these services/servers). Click “Save” once finished.
  9. Repeat steps 7 and 8 for all 3 Trust Paths. You will see the successfully added trust paths in the trust paths table.

3.1 SPA Use case Realisation – Step1

On Service Portal admin console, click on “Gateways” as shown below

3.2 SPA Use case Realisation – Step2

On Gateway Management page, click on “Upload Gateways” as shown below

3.3 SPA Use case Realisation – Step3

Refer to the following CSV file for the CSV format of the gateway definition. The values are populated as per the use case definition.

3.4 SPA Use case Realisation – Step4

Select the CSV file from file browser of your local file system and click on “Open” as shown below

3.5 SPA Use case Realisation – Step5

You will see successful upload message and newly added gateways in gateways table as shown below

3.6 SPA Use case Realisation – Step6

On Service Portal admin console, click on “Trust Paths” as shown below

3.7 SPA Use case Realisation – Step7

On Trust Paths page (sub tab on Gateways page), click on “Add Trust Path” as shown below.

3.8 SPA Use case Realisation – Step8

Proceed to enter all the details like Group Name (mandatory), Network Destination (mandatory), Gateway (mandatory), Allowed User Groups (multiple – user groups which can access these services/servers). Click “Save” once finished.

3.9 SPA Use case Realisation – Step9

Repeat steps 7 and 8 for all 3 Trust Paths. You will see the successfully added trust paths in the trust paths table.

4       Next Steps

For more information, please refer to the corresponding manuals.

  • Getting started with Workspace
  • Onboard Users and Groups
  • Manage Policies and Groups
  • Manage Gateways and Trust paths
  • Manage workspace settings
  • Manage Subscriptions

You can also refer to other use case manuals:

  1. Secure Internet Access
  2. Secure Private Access