Recently, the international authority Forrester released "The Zero Trust Platforms Landscape, Q2 2023" (hereinafter referred to as the "report"), which conducted a comprehensive evaluation of 29 zero trust solution providers around the world. With its iOA zero trust security solution, Tencent was selected into the report, becoming the only zero trust vendor in China selected.
In the report, Forrester defines a "zero trust platform" as: using a unified security technology as a base to support the operation of upper-level security tools, applications or processes, and promote the implementation of a zero trust model. A zero trust platform includes integrated products from a single vendor's product portfolio and third-party vendor technology integration to build a zero trust technology ecosystem.
Tencent is one of the first Internet companies in China to practice zero trust. It was launched internally in 2016, and in 2017 it began to realize Tencent's internal workplace and office integrated security platform. Especially during the COVID-19 epidemic in 2020, Tencent Zero Trust iOA supports Tencent's global 10W+ devices to access office anytime and anywhere, achieving zero safety accidents. Tencent iOA has also become the largest self-developed and self-used zero trust solution in China.
Not only that, Tencent also exported iOA products and capabilities to promote the implementation of the zero trust concept in China. Currently, Tencent iOA supports public cloud and privatized access modes. The modules cover SDP access, access control, identity security, terminal security, data security, etc., and provide modular combinations for sale in an integrated platform.
With mature product capabilities and commercial delivery capabilities, Tencent Zero Trust iOA has been widely recognized by thousands of customers in more than a dozen major industries including the Internet, finance, government, education, insurance, real estate, logistics, medical care, industry, and energy. The deployment scale reaches millions, becoming the first zero-trust product in China to deploy more than one million terminals.
Specifically, Tencent Zero Trust iOA has the following four advantages:
1. Access is more secure, stable and efficient
Trusted Access: More efficient, secure, and stable connection between people and businesses in any location
Core competencies: business stealth, intelligent rights management, adaptive risk access control, global acceleration
Access is more secure: Tencent Zero Trust iOA has the industry's exclusive enhanced SDP, which supports full port hiding of the master control and gateway to achieve complete invisibility to the outside world; supports UDP/TCPSYN/ICMP three knocking methods to adapt to complex network scenarios; has The industry's exclusive intelligent authority management capability, combined with adaptive risk access control, helps enterprises realize "minimize authorization on demand" and fully balance "business" and "security".
More efficient access: Tencent Zero Trust iOA has industry-leading adaptive multi-factor authentication capabilities, almost unlimited flexible multi-factor authentication combinations, and supports multi-platform pan-end clients and client-free access. Support multiple delivery methods of public cloud and private cloud, and help enterprises quickly deploy and implement a zero-trust system for various business scenarios.
More stable access: Support Tencent Cloud global network acceleration service, realize stable and fast access, and senseless expansion; solve problems such as cross-border cross-operator access lag or excessive delay. In addition, Tencent iOA can form a joint solution with Tencent EdgeOne products. Compared with the general zero-trust vendor + CDN solution, Tencent's joint solution has WAF and DDoS security protection services, which is more secure.
2. Three-dimensional defense, not afraid of threats and attacks
Threat Protection: Focus on advanced intrusion threats to create a simpler and more effective threat protection capability
Core Competencies: Antivirus, Vulnerability Defense, Popular Threat Protection
All-scenario defense against attacks: Tencent Zero Trust iOA has full-scenario protection capabilities such as anti-ransomware, anti-intrusion, and re-insurance scene protection. Through more than 20 years of actual offensive and defensive combat, Tencent has accumulated a lot of technology and experience in virus detection and killing, vulnerability repair, and security compliance strategies; in terms of known virus threat protection, Tencent iOA adopts dual-cloud plus TAV multi-engine detection and killing mode, Cover more killing scenarios.
Protection against unknown threats: In terms of protection against unknown threats, Tencent Zero Trust iOA conducts intelligent interception through active defense and interception capabilities. Tencent Zero Trust iOA has an artificial intelligence heuristic engine TVM combined with international patents and an active defense cloud engine, which can make comprehensive risk judgments based on a series of behavioral characteristics of samples. Its monitoring and judgment capabilities are supported by the background big data training cluster. It can identify abnormal risks in a timely manner, realize active real-time interception, and ensure the security and credibility of the terminal environment.
The industry's first four defense and confrontation mechanisms: Aiming at the threats posed by ransomware viruses, Tencent Zero Trust iOA detects and defends from four links: the source of the virus landing, virus startup, virus damage, and file recovery after virus damage, ensuring that the user terminal can reach the virus No landing, virus startup and damage monitoring interception, and damaged files have the protection effect of backup and recovery.
3. Multi-platform terminals, worry-free security management
Security management: provide customers with more refined and effective office security threat prevention capabilities
Core Competencies: Asset Management, Vulnerability Management, Asset Compliance Baseline
Full management and control of multi-platform terminals: Tencent Zero Trust iOA supports Windows, MacOS, Linux, Android, iOS, and Xinchuang multi-system, which can realize seamless switching between multiple terminals; unified UI and user experience on all platforms; unified identity authentication module and authentication system, etc. Helping enterprises to work agilely.
Effective management of data security: Tencent Zero Trust iOA has modules such as watermark, work sandbox, and transparent encryption and decryption, which can effectively manage data security according to usage scenarios and data formats.
Software genuine management: Tencent Zero Trust iOA has the ability to identify, control and report risky software, realize software genuine management, and eliminate the risk of using pirated software.
4. Risk control, fast linkage response
Risk control: more comprehensive and easier-to-use threat source tracing and risk control
Core competencies: advanced threat detection, incident investigation and source tracing, etc.
User risk behavior analysis and control: Tencent Zero Trust iOA applies security big data and AI modeling analysis, and conducts multi-dimensional continuous analysis of the behavior of key objects such as users and entities, enabling earlier threat detection in security operations.
XDR full linkage response: Tencent Zero Trust iOA has its own EDR capability, which forms a "device-network-cloud" XDR linkage response closed loop with NDR and cloud-native security. Adaptive security is constructed with the security cloud brain as the center. Once a risk is discovered, it can be quickly linked to block the response.
In the past few years, Tencent Zero Trust iOA has realized the functions of zero trust network access, workplace security, identity security, terminal security management, data security and other dimensions through the product strategy of the integrated terminal, which basically meets the needs of most common users. Customized requirements of cloud customers and privatization customers.
Not only that, Tencent Zero Trust iOA has a rich product matrix, covering SaaS version, integrated version, control version, etc., and has corresponding delivery solutions for large, medium and small customers. Enterprises can choose products according to their own business scenarios and needs. Recently, Tencent iOA launched a new and upgraded SaaS version, helping enterprises create a secure office environment anytime, anywhere with one click, and get rid of the shackles of IT infrastructure.
In the future, Tencent Zero Trust iOA will continue to invest in research and development, upgrade and optimize product functions, and open up the ecology, and build together with various manufacturers to continue to provide customers with zero trust network access solutions with more complete functions and better experience, and promote zero trust. The accelerated implementation of ideas in China.