Segregating All Communications From the Local Network

Passages uses a Virtual Private Network (VPN) combined with routing and firewall rules within the VM to completely isolate the VM and the browser from the local network. As part of the lockdown phase, after the Passages Virtual Machine boots but before the browser is launched, Passages establishes a VPN connection to a server located inside Ntrepid’s cloud network and outside the customer’s secure enterprise perimeter. The VM is configured so that the VPN is the only allowed network device for any Internet traffic in or out of the VM.

This restriction ensures that, were malware to access the VM, it would not be able to see, map, or attack any other infrastructure within the network.

The VPN also helps hide the user’s IP address, avoiding targeted attacks and preventing others from capitalizing on passively leaked information.

The Passages Virtual Private Network protects the local network against web delivered malware.

Maximum security can be achieved by setting up the enterprise network so the Passages VPN is the only allowed path for Internet connections outside the local network. Passages is easy to monitor and filter, making it the perfect platform for data loss prevention. Locking down other paths to the Internet forces all activity through that choke point.