The Authonet Zero Trust cybersecurity gateway imposes authentication rules on every device and user connecting to the network,
and then imposes access rules on every device/user after successful authentication. The Authonet gateway requires configuring
before it is operational. A login is required for all users and the login page can be customized.
Each device and user has a pre-programmed authentication rule which is a combination of device ID, user password and user
one-time password (OTP). The rules can be in combination. For example any user may connect on an approved device, or a user
may require 3-factor authentication (3FA), a known device, a user password and an OTP code. The purpose of the authentication
process is to prevent access to the network by people who are not authorized. For example, a criminal might steal a password
through social engineering. However if that password is associated with a 3FA account then the criminal will not get access to the network.
Once a device and user combination has been authenticated there are two levels of filtering rules.
The first level of rules are regarding the local area network. The IP addresses for the authenticated user are specified,
the range can be blocked with the exception of specific IP's, or the range can be open with specific IP's blocked. This level
of rules can be configured to prevent a criminal who has access to a Trojan virus getting access to a data server. For example,
the user has access to an application server but only the application server has access to the data server.
Each device and user is configured with individual rules permitting privilege levels to be configured for devices and users.