Create a web VPN connection for a Hybrid-cloud

Thinfinity® Web Application Gateway (WAG): The Most Advanced SSL VPN for Seamless and Secure Remote Access

Picture of Micaela Asaad
Micaela Asaad

Solution Engineer

Thinfinity® Web Application Gateway (WAG): The Most Advanced SSL VPN for Seamless and Secure Remote Access

Introduction

As a solution engineer with years of experience tackling remote access challenges, I’ve seen firsthand how traditional VPNs often fall short. They’re cumbersome, resource-heavy, and prone to security vulnerabilities. Thinfinity’s Web Application Gateway (WAG) changes the game. It’s a next-generation SSL-based web VPN that brings simplicity, high security, and efficiency to remote access—all without the headaches of conventional solutions. WAG delivers the kind of secure, seamless access that modern organizations need, and it’s designed to meet the growing demands of today’s digital work environments.

 

What is Web Application Gateway (WAG)?

Thinfinity’s Web Application Gateway is a powerful SSL VPN that allows internal web applications to be streamed directly to the user’s browser without needing VPN clients, point-to-point connections, or reverse proxies. This approach not only simplifies remote access but also minimizes security risks that are common with traditional VPN setups.

With WAG, organizations can provide fast and secure access to internal resources without the need for complicated network configurations or client software installations. Instead, WAG utilizes a secondary broker on the target network, making it a highly efficient remote access solution that doesn’t compromise security.

 

Why Choose Thinfinity® WAG Over Traditional VPNs?

Thinfinity’s WAG has several key advantages over traditional VPNs:

Clientless Connection

Unlike traditional VPNs, which require installing and managing client software, WAG offers a clientless experience. Users can simply connect through their browser, reducing administrative overhead and support costs.

No Point-to-Point Complexity

Traditional VPNs depend on point-to-point connections, which often lead to higher latency and potential points of failure. WAG uses a more direct streaming approach from the internal application to the user, eliminating these complexities.

Secure SSL Encryption with TLS 1.3

WAG uses industry-standard SSL encryption with TLS 1.3 to ensure data integrity and privacy during transmission. All traffic passes through the Thinfinity Gateway, which can be deployed in either the cloud or a DMZ. By utilizing reverse connections only, WAG keeps the target network hidden from attackers, making it accessible only through Thinfinity.

Simplified Management

Thinfinity WAG leverages a secondary broker to handle secure access. This broker manages authentication, authorization, and access control, ensuring users only have access to permitted applications. This makes managing remote access much easier for IT teams.

 

How Does Thinfinity® WAG Work?

Thinfinity relies on the Thinfinity Gateway to establish reverse connections from the target network without opening inbound ports. The Gateway can be deployed in the cloud or a DMZ, while the Broker or Secondary Broker is installed within the target network where the web applications are hosted. The Broker or Secondary Broker connects reversely to the Gateway, establishing a TLS 1.3 encrypted reverse cloud tunnel. This setup allows users to interact with the intranet applications while keeping the target network completely invisible to potential attackers.

  1. Deployment: Install Thinfinity’s Secondary Broker within the network where your internal web applications are hosted. This broker acts as the communication point between the end-user’s browser and the web application, ensuring safe and smooth access.
  2. Connection: Users access WAG via a web browser, and the Secondary Broker authenticates the user’s credentials to establish a secure connection.
  3. Streaming Over TLS 1.3: After successful authentication, the intranet web application is streamed securely using TLS 1.3 encryption, allowing the user to access it without any complicated network changes or software installations.

Key Benefits of Using Thinfinity® WAG

Enhanced Security with SSL Encryption

WAG avoids point-to-point communication and eliminates the need for VPN client software, reducing the attack surface. SSL encryption using TLS 1.3 ensures data remains protected, while reverse connections hide internal networks from potential attackers.

Flexibility for All Work Scenarios

Whether your employees are working remotely, on-site, or in a hybrid setup, WAG ensures easy and secure access to internal resources.

Simplified User Experience

Users can access internal applications through a standard web browser, eliminating the need to install additional software. This reduces friction and improves productivity.

Reduced Complexity for IT Management

For IT administrators, Thinfinity’s Secondary Broker makes deployment straightforward and keeps the need for major changes to network infrastructure to a minimum.

 

Use Cases for Thinfinity® Web Application Gateway

Thinfinity Web Application Gateway is an ideal solution for several remote access scenarios, thanks to its focus on current trends in secure connectivity, including Clientless VPN, Secure Remote Access, Hybrid Cloud Security, and Zero Trust Network Access (ZTNA).

Secure Remote Access to Intranet Applications: Enterprises can use WAG to provide secure access to internal HR, finance, and other important applications, ensuring remote workers stay productive without compromising security.

Third-Party Vendor Access: Vendors and partners can be granted temporary access to specific web applications, giving you tight control over what they can access. This helps maintain compliance while avoiding the risks of full VPN access.

Hybrid Workforce Enablement: Modern work environments require adaptability. WAG enables users to access needed resources securely from anywhere, which is ideal for companies moving towards a hybrid workforce model.

SSL VPN vs. IPSec VPN: Which is More Secure?

When considering VPN solutions, SSL VPNs and IPSec VPNs are the primary choices. However, SSL VPNs like Thinfinity WAG are generally considered more secure and flexible:

Clientless Access: SSL VPNs allow clientless access using standard web browsers, unlike IPSec VPNs that require installing dedicated client software.

Granular Access Control: SSL VPNs can control access to specific applications, while IPSec VPNs typically provide broad, network-level access.

Modern TLS Encryption: SSL VPNs use TLS, which is better suited for modern web traffic. TLS 1.3, implemented in WAG, provides enhanced security compared to older IPSec methods.

How Does an SSL VPN Work?

An SSL VPN works by creating an encrypted tunnel between the user’s browser and the internal network using the SSL or TLS protocol. Thinfinity WAG uses TLS 1.3 to guarantee secure access to internal applications. It relies on Thinfinity’s Secondary Broker and the Thinfinity Gateway to route encrypted communications securely, ensuring that users access only specific resources without exposing the entire network.

 

Fortigate SSL VPN Alternative: Thinfinity® WAG

If you’re searching for a viable alternative to Fortigate SSL VPN, Thinfinity Web Application Gateway offers an excellent option. It delivers the benefits of SSL VPN with enhanced simplicity, scalability, and security. Unlike traditional solutions, Thinfinity WAG does not require client software, relies on reverse connections for better security, and works seamlessly across cloud and on-premise environments.

How to Get Started with Thinfinity® WAG

Implementing Thinfinity’s Web Application Gateway is simple. Start by deploying the Thinfinity Primary or Secondary Broker within your internal network. The broker handles secure connections, ensuring that only authorized users access your resources. From there, users can start securely streaming web applications directly to their browser without any hassles.

You can follow a comprehensive tutorial on how to get started here 

 

Conclusion: Simplify Secure Access with Thinfinity® WAG

Thinfinity’s Web Application Gateway (WAG) is redefining secure remote access for modern organizations. With clientless SSL-encrypted connections to internal applications, WAG does away with the complications of traditional VPNs while maintaining high levels of security. Its easy deployment, flexibility, and scalability make it an ideal solution for businesses aiming to improve how they handle remote access.

Move beyond outdated VPNs and embrace the future of secure remote access with Thinfinity WAG. Whether it’s supporting a hybrid workforce or providing secure third-party access, WAG offers a simple yet secure way to keep your business operating smoothly.

Have any questions?

Book a call today to learn more about how Thinfinity® can help your organization. We are always available to guide you and provide the best solution based on your specific needs.

Add Comment

Thinfinity_logo

Get a Demo

Experience how Universal ZTNA with Thinfinity® integrates with VDI and DaaS for unmatched security and flexibility.

Blogs you might be interested in

<span>Application Security</span>, <span>Clientless VPN</span>, <span>Connectivity</span>, <span>Enterprise Solutions</span>, <span>Enterprises</span>, <span>Hybrid Cloud Security</span>, <span>Hybrid Work</span>, <span>IT Infrastructure</span>, <span>IT Security Fundamentals</span>, <span>RBAC</span>, <span>Reverse SSL Tunnel</span>, <span>Secure Application Delivery</span>, <span>Secure Remote Access</span>, <span>Secure Web Access</span>, <span>SSL VPN</span>, <span>Thinfinity Workspace</span>, <span>TLS 1.2</span>, <span>TLS 1.3</span>, <span>TLS Encryption</span>, <span>VPN Alternatives</span>, <span>Web Application Gateway (WAG)</span>, <span>Web-Based Applications</span>, <span>Web-Based Remote Access</span>, <span>Zero Trust Architecture</span>, <span>Zero Trust Network Access (ZTNA)</span>, <span>Zero Trust Security</span>