Portnox Adds Passwordless Access to RDP, SSH & Consoles

Portnox has significantly broadened the capabilities of its zero trust network access platform, now enabling organizations to remove passwords from critical administrative tools. The solution now extends credential-free, passwordless access to console-based applications like Remote Desktop Protocol (RDP), Secure Shell (SSH), Virtual Network Computing (VNC), and Teletype Network (Telnet). This move directly targets a primary weakness, as stolen or compromised credentials are implicated in a vast majority of security incidents. By eliminating this vector, companies can drastically reduce breach risk without complicating the workflow for administrators and IT staff.

The shift to hybrid work models, expansive cloud environments, and new technologies continually stretches traditional security perimeters. Older methods, such as legacy VPNs that grant broad network access or credential vaults that merely store passwords, often fail to address core architectural vulnerabilities. They attempt to secure inherently risky designs rather than reimagining access for contemporary threats. Portnox’s strategy is to architect security by removing the credentials themselves, a approach validated by an independent study showing organizations achieve a 287% return on investment and a 75% reduction in breach risk. The same study noted payback often occurs in less than six months.

According to Denny LeCompte, CEO of Portnox, the expansion into console applications demonstrates the tangible outcome of a shrunken attack surface. Customers are successfully ditching passwords and outdated VPNs, which simultaneously enhances security and improves the day-to-day user experience. This alignment of stronger protection with operational simplicity is described as the true objective of a zero trust framework.

Leveraging its foundation in network access control, the enhanced Portnox ZTNA platform delivers comprehensive protection across an organization’s entire technology stack. For console access, it introduces passwordless, certificate-based authentication for protocols like RDP and SSH. The system doesn’t stop at login; it continuously monitors device posture and enforces risk-adaptive policies. If an endpoint fails to meet security standards, automated remediation occurs before any access is granted. Notably, deployment requires zero network impact, meaning no adjustments to firewalls, no VPN clients to install, and no mandatory agents.

Users benefit from a seamless access experience. They get a unified portal showing all authorized resources, whether web-based, SaaS, on-premises, or console applications, coupled with a single sign-on experience. Access is dynamically controlled through role-based and location-based policies enforced in real-time. This consolidation also simplifies endpoint management and automates numerous security workflows.

A core principle is continuous verification. Every access request is scrutinized. The platform verifies user identity through integrations with major enterprise identity providers like Okta and Microsoft Azure AD. It checks the device’s security posture against organizational policies and evaluates the context of the network and location. Each request receives a risk score, allowing for adaptive security measures. Should a device’s risk level change—for instance, if it falls out of compliance—access is automatically revoked.

With a clear industry trend showing most security leaders intend to move away from traditional VPNs in the coming years, Portnox’s latest advancements present a modern alternative. It aims to deliver the enterprise-grade security, measurable business outcomes, and operational simplicity that older VPNs and earlier zero trust solutions have struggled to provide consistently.

(Source: HelpNet Security)