FEATURES | HOW IT WORKS

How it Works

Administrative Portal for Service Providers

Our dedicated administrative portal empowers service providers to efficiently enroll their SMB customers, whether individually or in bulk. Required information such as company details, pricing, and administrative/billing contacts can be provided. Service providers benefit from a dedicated multi-tenancy dashboard for streamlined customer enrollment and management.

The Service Provider registers their companies with the following information: name, logo, pricing information, time zone, administrative contact, and billing contact.

When a new company is registered, a customizable Welcome, personalized email is automatically sent to the company administrator. Customizable invoices are sent out monthly.

Historical revenue reporting can be requested for current month, previous month, and the previous six months.

There is a convenient display listing all companies, along with the number of users and devices that have been registered by each company.

Company Administrative Portal

Our comprehensive administrative portal equips companies with the tools to efficiently manage various functionalities as outlined below.

    • Users can be registered individually or in bulk, providing essential details such as name, email, group affiliation, and initial password.
    • Organizational units, known as groups, define permissions for accessing IT resources.
    • Company administrators can list the networks utilized by the organization, specifying user-friendly network names, type (LAN, AWS/Azure/Google Cloud), and Gateway type (Windows or Linux).
    • Remote WorkForce generates dedicated Gateways, which are simple applications installed on a server in each network.
    • Gateways automatically report network access information, including public IP address, internal subnet IP address, and DNS server IP.
    • Outbound connections to Remote WorkForce servers are established by Gateways, eliminating the need for open ports on firewalls.
    • Users receive enrollment notifications via email, along with a download link for the Remote WorkForce app, which is available for PC, Mac, iOS, or Android devices.
    • The app encrypts all communications to and from the device, connecting securely to Remote WorkForce servers for accessing company resources.
    • Administrators can initiate Discovery Mode, allowing Remote WorkForce to search defined networks for requested resources.
    • Discovered resources are automatically cataloged with network names and IP addresses.
    • Administrators assign permissions, controlling access to company resources for each group.
    • Operating Mode enforces Zero Trust restrictions, ensuring unauthorized users cannot view restricted resources.
    • Remote WorkForce offers malware filtering to prevent access to known sources of viruses and phishing attacks.
    • Customizable domain blocking allows filtering of domains such as social media sites during work hours.
    • Remote WorkForce automatically tracks user connection time, as a proxy for work hours.
    • Detailed reports on online activities can be generated for specific users or company-wide on a daily basis.
    • Real-time reports provide insights into network activity, connected users, resource access, and alerts.

Group Definition and User Registration

Groups are usually names of organizational units and are used to organize various lists of users and to control ZTNA access.

Users, either individually or in bulk, are registered with the following information: name, group, email address, and initial password.

Provisioning User Devices

Newly registered users are automatically sent emails, instructing them to use Remote WorkForce whenever they are doing company work and inviting them to download the software, which provides the encryption and decryption, to their devices.

The text of these emails are automatically personalized and may be customized by the company administrator.

Network Definition and Gateways

The networks used by the organization are initially defined with a user-friendly name, type (LAN, AWS, Azure or GCP) and Gateway type (Windows or Linux).

Remote WorkForce generates a unique identifier for each network.

Remote WorkForce then generates a Gateway which needs to be installed on a server in the network. The process is simple:

How to install the gateway

  1. Log into the Windows server where you want to install the gateway.
  2. Download the Gateway zip file to the server and unzip it.
  3. Run the RWF_Gateway_Installer.exe to install the gateway.
  4. Once done, start the UI (gateway.exe) and make sure the service (RWFGatewayService) is running.

For more information, please refer to our User Guide or contact us at networks@ZTNASupportCenter.com

The Gateway automatically reports back to Remote WorkForce the public-facing IP address, subnet IP address range, and IP for the DNS server.

This is the resulting network definition:

Automatic Routing

Users can request access to corporate IT resources as usual (bookmarks, etc.), or use the convenient menu of resources that Remote WorkForce ZTNA provides. Remote WorkForce automatically routes the request directly to the requested resource, regardless of where it is located, via a secure tunnel established for that user. Not only is Remote WorkForce ZTNA much easier to use than older solutions, it is also more secure.

Resource Discovery

Resources can be manually defined with a user-friendly name, type (app, website, RDP, SaaS or Other), domain, network, and IP address.

Typically, however, SMBs will use Remote WorkForce's convenient “Discover Mode.” During the initial startup period, Remote WorkForce watches user activity and automatically records resources requested by users and which networks they are on.

Here is an example of the results:

Zero Trust Permissions and Control

The company admin can assign permissions to each resource. Permissions are simply a list of one or more groups which are allowed to access each resource. There is a convenient pull-down menu for group assignments.

Once the resources have been defined and permissions assigned, the admin can switch to “Operating Mode". This imposes the Zero Trust Network Access so that only those users who are in groups with specific permission to access the resources can even become aware of their existence – which is the essence of ZTNA methodology.

When a user requests a resource (1), that information is sent to the Controller (2), which checks the rule base for authorization (3). If authorized, the Controller contacts the Gateway (4) for the network and requests that an outbound, secure tunnel be established between the Gateway and the VPN server that the user is connected to (5). This creates an end-to-end secure tunnel between the user's device and the Resource.

Additional features include:

  • Filtering for malware and custom block lists:
  • Reporting of times on/off network and optional detailed reports of online activities for specific employees (or all)
  • Detailed reporting on all activity including:
    • Alerts: Such as user attempts to access resources without proper permissions.
    • Network Activity: – Access to various company networks.
    • Resources accessed – How much users have accessed specific resources.
    • User Activity: Users currently connected, including the amount of data traffic generated.
    • The User Portal allows employees to change their password or request Remote WorkForce software for additional devices. There is also a convenient menu of resources which the user is entitled to access, which only requires a simple click.