LANCOM Trusted Access Client

With LANCOM Trusted Access (LTA), you can manage access rights and network connections for mobile employees securely and centrally via the LANCOM Management Cloud. Mobile users are always allowed normal Internet traffic (Split Tunnel). To additionally secure the entire Internet traffic of connected LTA clients, activate ‘Full Tunnel’ operation. This means that all data traffic is routed through the central LTA gateway (Unified Firewall or SD-WAN gateway). The advantage: Risks from unauthorized access, malware, phishing and other cyber attacks are minimized and can also be checked for external web/cloud-based applications via activated security functions on the gateway such as anti-virus or content filters. We call this operating mode ‘Trusted Internet Access’.

Before a user is granted access, endpoint security can be verified (operating system version, anti-virus, local firewall). Each user must also have their identity verified before being granted access to an application or resource. Applications and resources are not made visible network-wide, making the network invisible to attackers. Additionally, two-factor or multi-factor authentication with fingerprint, facial recognition, or an authentication app on the smartphone may be required at login.

User authentication is performed via a central user database (“identity provider“, e.g. an Active Directory such as Microsoft Entra ID (formerly Azure AD)). User groups taken over from the identity provider can be provided with individual access rights to the permitted applications. The validity period of an authentication can be set, and clients can also be blocked manually or automatically. For small companies without a central user database, user management integrated into the LANCOM Management Cloud is available as an alternative.

The LANCOM Management Cloud (LMC) provides fully integrated management of all LANCOM network components (routers / gateways, firewalls, switches, and access points) including the LANCOM Trusted Access Client. The management of the underlying security policies for all users in the network is also carried out centrally via the LMC. A LANCOM Trusted Access Real-Time Dashboard is available to administrators for comprehensive diagnostics and troubleshooting. The dashboard displays active connections with user name, IP address, device name, and user group, and provides additional information such as compliance status and last login. Furthermore, clients can be blocked both manually and automatically, information on the number of users and blocked connection requests is available, as well as central license management and monitoring.

The LANCOM Trusted Access Client handles the login processes for passwordprotected applications: Via single sign-on (SSO), users can access external web applications conveniently and securely after logging on once to the Active Directory – without having to re-enter their credentials. This ensures particularly user-friendly and fast work processes.

The LANCOM Trusted Access Client and the LANCOM Management Cloud (LMC) are developed in Germany, and all cloud data is also hosted in data centers in Germany. Only the data exchange for user authentication takes place via the LMC; all other user data runs directly between the LANCOM Trusted Access Client and the LANCOM Trusted Access Gateway – without decoupling via an external cloud. The LANCOM Trusted Access Client thus stands for the highest level of data security and data protection. It is subject to and complies with European legal standards, is therefore DSGVO compliant, and is a convincing IT security solution engineered in Germany.