Modern enterprises need more than just another VPN

Let’s face facts. VPNs don’t work in the modern enterprise ecosystem. Distributed users, servers, and devices create challenges that VPNs were not meant to solve. Exposed networks, unmonitored user identities, unknown device security status, and complex switching between VPNs are just the tip of the iceberg. No company can accept the level of risk inherent in VPNs.

 

Fyde is the modern VPN replacement. Secure access and empower employees.

FydevsVpn_Landing@3x

Fyde transforms secure access to amplify security and productivity.

  Fyde VPN
  Feature NotFeatured
  Native support for trusted devices No native support for trusted devices
  Feature NotFeatured
  Generates and stores device certificate on hardware keystore Relies only on user credentials for infrastructure access
  Feature NotFeatured
  Sends a CSR to Management Console to register device and establish trust Depends on 3rd-party tools like MDM to establish a native version of trusted devices
  Feature NotFeatured
  Validates every access request against current security and compliance policy Requires enrollment to corporate MDM to determine trusted devices
  Feature NotFeatured
  Deploys conditional and contextual trust Static trust architecture
  Feature NotFeatured
  Certificate management is built-in for both device and infrastructure components Certificate management is difficult and requires 3rd-party tools
  Fyde VPN
  Feature NotFeatured
  Access resources not the entire network. Direct trusted users to the information they need, whether in a VPC, data center or on-premises without increasing risk VPN clients can act as patient zero on your network, increasing the potential attack surface exponentially. A compromised VPN client, residing on a VLAN with complete network access, can launch attacks on other clients on the same VLAN, ultimately exposing every routable VM/workload
  Feature NotFeatured
  Connect to multiple infrastructure sites without switching access profiles Requires user to switch between VPN configurations to access multi-site environments
  Feature NotFeatured
  Confirm or deny access based on user role and device attributes: RBAC+ABAC. Example: User A in Group B with Device C that complies with policy D can access resource Implements network segmentation, a painful and error-prone approach that requires 3rd party or custom tools. Limits ability to access dynamic, modern resources like Kubernetes workloads
  Fyde VPN
  Feature NotFeatured
  Continuously monitors device and logs network metadata at the device level (network DVR) Lacks visibility into device security status before starting active VPN session
  Feature NotFeatured
  Enforces policy that requires searching for a comprehensive IOC (indicators of compromise) list in network history before granting access Cannot integrate with a local security agent as part of an access policy
  Feature NotFeatured
  Conducts retrospective search for IOC Provides only single point in time access to device security state. Any change to the device security state is not reflected in the active session.
  Feature  
  Detects if the device has ever exchanged information with a phishing site: e.g. mycompany.oktaa.com  
  Feature  
  Detects if the device has ever generated APT x C&C traffic  
  Fyde VPN
  Feature NotFeatured
  Role-based access control enhanced with attribute-based access control Role-based access control (RBAC) only. Access tokens can be permanent or long-lived, creating additional risk as VPNs do not natively support re-auths and step-up auths
  Feature NotFeatured
 

Rich attribute support:

  • Permissions: verify user/resource
  • Device: type, model, OS, end-of-life
  • Jailbreak
  • Authentication: configured touch/face ID & passcode
  • Wi-Fi SSID and location
Minimal contextual, actionable information about location, network, and device
  Fyde VPN
  Feature NotFeatured
  Built-in defense for intermittent connectivity Sustained disconnects force application layer timeouts
  Feature NotFeatured
  Consistent session stability unaffected by change in source IP Frustrating, painful experience for users, especially mobile workers such as utility field workers, insurance adjusters, law enforcement
  Feature NotFeatured
  Local proxy on device side and access proxy on infrastructure side can maintain session during dropped connections Time wasted on repetitive VPN reconnects and app reloads, costing organization valuable employee productivity
  Fyde VPN
  Feature NotFeatured
  Intercepts and blocks Internet-borne threats on the device with patent-pending technology Requires integration with a costly point solution like Bluecoat, Websense, or Zscaler, to address threats in real-time
  Feature NotFeatured
  Preserves corporate network bandwidth and speed Lacks capability to provide protection from Internet-borne threats due to split-tunnel configuration
  Feature NotFeatured
  Eliminates latency that can negatively impact user experience Adds significant congestion to corporate network; degrades bandwidth utilization
  Feature NotFeatured
  Protects employee privacy, increasing adoption Creates significant latency for users and increases battery consumption
  Feature NotFeatured
  Evaluates security state and posture of trusted devices in real-time. First-of-its-kind continuously updated content-filtering to identify new threats Generates employee privacy concerns that may slow adoption
  Fyde VPN
  Feature NotFeatured
  Delivers a built-in policy remediation agent that operates directly on the edge Requires additional point solution to offer any form of NAC functionality
  Feature  
  Works everywhere, on the corporate network or on the go  
  Feature  
  Provides autonomy to users to solve their own access issues. Fyde offers a step-by-step guide to fix issues and regain access. For example: If access is denied to Gitlab due to FileVault being disabled, Fyde will share the steps to enable disk encryption  

Fyde

Feature
Native support for trusted devices
Feature
Generates and stores device certificate on hardware keystore
Feature
Sends a CSR to Management Console to register device and establish trust
Feature
Validates every access request against current security and compliance policy
Feature
Deploys conditional and contextual trust
Feature
Certificate management is built-in for both device and infrastructure components

 

VPN

NotFeatured
No native support for trusted devices
NotFeatured
Relies only on user credentials for infrastructure access
NotFeatured
Depends on 3rd-party tools like MDM to establish a native version of trusted devices
NotFeatured
Requires enrollment to corporate MDM to determine trusted devices
NotFeatured
Static trust architecture
NotFeatured
Certificate management is difficult and requires 3rd-party tools

Fyde

Feature
Access resources not the entire network. Direct trusted users to the information they need, whether in a VPC, data center or on-premises without increasing risk
Feature
Connect to multiple infrastructure sites without switching access profiles
Feature
Confirm or deny access based on user role and device attributes: RBAC+ABAC. Example: User A in Group B with Device C that complies with policy D can access resource

 

VPN

NotFeatured
VPN clients can act as patient zero on your network, increasing the potential attack surface exponentially. A compromised VPN client, residing on a VLAN with complete network access, can launch attacks on other clients on the same VLAN, ultimately exposing every routable VM/workload
NotFeatured
Requires user to switch between VPN configurations to access multi-site environments
NotFeatured
Implements network segmentation, a painful and error-prone approach that requires 3rd party or custom tools. Limits ability to access dynamic, modern resources like Kubernetes workloads

Fyde

Feature
Continuously monitors device and logs network metadata at the device level (network DVR)
Feature
Enforces policy that requires searching for a comprehensive IOC (indicators of compromise) list in network history before granting access
Feature
Conducts retrospective search for IOC
Feature
Detects if the device has ever exchanged information with a phishing site: e.g. mycompany.oktaa.com
Feature
Detects if the device has ever generated APT x C&C traffic

 

VPN

NotFeatured
Lacks visibility into device security status before starting active VPN session
NotFeatured
Cannot integrate with a local security agent as part of an access policy
NotFeatured
Provides only single point in time access to device security state. Any change to the device security state is not reflected in the active session

Fyde

Feature
Role-based access control enhanced with attribute-based access control
Feature
Rich attribute support:
  • Permissions: verify user/resource
  • Device: type, model, OS, end-of-life
  • Jailbreak
  • Authentication: configured touch/face ID & passcode
  • Wi-Fi SSID and location

 

VPN

NotFeatured
Role-based access control (RBAC) only. Access tokens can be permanent or long-lived, creating additional risk as VPNs do not natively support re-auths and step-up auths
NotFeatured
Minimal contextual, actionable information about location, network, and device
 

Fyde

Feature
Built-in defense for intermittent connectivity
Feature
Consistent session stability unaffected by change in source IP
Feature
Local proxy on device side and access proxy on infrastructure side can maintain session during dropped connections

 

VPN

NotFeatured
Sustained disconnects force application-layer timeouts
NotFeatured
Frustrating, painful experience for users, especially mobile workers such as utility field workers, insurance adjusters, law enforcement
NotFeatured
Time wasted on repetitive VPN reconnects and app reloads, costing organization valuable employee productivity
 

Fyde

Feature
Intercepts and blocks Internet-borne threats on the device with patent-pending technology
Feature
Preserves corporate network bandwidth and speed
Feature
Eliminates latency that can negatively impact user experience
Feature
Protects employee privacy, increasing adoption
Feature
Assesses security state and posture of trusted devices in real-time. First-of-its-kind continuously updated content-filtering to identify new threats

 

VPN

NotFeatured
Requires integration with a costly point solution like Bluecoat, Websense, or Zscaler, to address threats in real-time
NotFeatured
Lacks capability to provide protection from Internet-borne threats due to split-tunnel configuration
NotFeatured
Adds significant congestion to corporate network; degrades bandwidth utilization
NotFeatured
Creates significant latency for users and increases battery consumption
NotFeatured
Generates employee privacy concerns that may slow adoption

Fyde

Feature
Delivers a built-in policy remediation agent that operates directly on the edge
Feature
Works everywhere, on the corporate network or on the go
Feature
Provides autonomy to users to solve their own access issues. Fyde offers a step-by-step guide to fix issues and regain access. For example: If access is denied to Gitlab due to Filevault being disabled, Fyde will share the steps to enable disk encryption

 

VPN

NotFeatured
Requires additional point solution to offer any form of NAC functionality

Fyde 
Features

See how we compare to other solutions