4.7.1.1. Introduction

On this page, we will explore the use case of 2SRA. We will explain what 2SRA is and highlight the advantages and value it provides.

4.7.1.1.1. What is 2SRA?

OpenNAC Enterprise is the solution that provides secure access to corporate networks while mitigating the risks of identity theft.

It allows you to set:

It facilitates the adoption of the following standards and frameworks
- ISO2700x
- NIST
- ENS
- etc.

Principle of least privilege: Just users have access to the information and resources essential for the performance of their activity.
Zero Trust approach: Establishes a corporate security framework in which only authenticated and authorized users and devices can access corporate information.
Controls for attack surface: Secures remote connection through encryption and user devices.
Mitigate the risk of identity theft: Adds an extra layer of security by applying two-factor authentication (OTP) to reduce the risk of identity theft.
Reduces the risk associated with the user device: Allows the evaluation of device posture, establishing compliance with the minimum connection requirements when accessing the network.

The 2SRA configuration and operation process consists of 5 steps:

1	The user sends the corporate credentials and the OTP token to OpenNAC Enterprise for validation.
2	OpenNAC Enterprise verifies the OTP token and validates the corporate credentials against the corporate user database.
3	The device sends its posture information (antivirus version, OS patch, firewall status, etc.) and OpenNAC Enterprise verifies that the connection meets the minimum requirements.
4	The user is granted only the necessary access and permissions associated with their identity.
5	OpenNAC Enterprise monitors the VPN traffic to identify suspicious activity and anomalous performance.