This article will guide you through getting started with New Edge to secure access to your business applications and services. The objective of this article is to provide New Edge administrators an introduction to adding users, publishing enterprise services and defining policies to control access to those services. Your users will then be able to register their devices through a simple self-service process. The entire setup should take around 30 minutes.
New Edge’s Secure Application Network is a zero-trust networking service for Hybrid IT. New Edge gives you the ability to securely publish private enterprise applications without making those applications or your infrastructure publicly available on the Internet.
To begin, sign in to New Edge with your administrator account – https://<mycompany>.newedge.io/admins/sign_in.
Create an End User
New Edge end-user accounts are distinct from administrator accounts. End users include anyone associated with your organization, like employees, IT or DevOps staff, contractors and other third-parties who need access to your enterprise applications.
Click End Users in the left sidebar menu.
Click + New End User.
Enter an end-user email address in the Username field.
(The Email field will be filled in automatically.)
Enter first and last names in the First name and Last name fields.
Make sure the Active checkbox is checked.
Click Save End User.
Create an Access Policy
Access Policies allow New Edge administrators to define a set of criteria end-user devices must meet before New Edge will connect them to your enterprise services. For example, you may define a policy to allow end users to connect to services as long as their devices have an up-to-date operating system – if devices are not up-to-date, New Edge will block access.
Click Access Policies in the left sidebar menu.
Click + New Access Policy.
Enter a name for the access policy in the Name field, e.g. “Contractor Access”.
Click Save Access Policy.
Additional tabs will appear.
Click the Windows Policy tab – we suggest starting with a simple policy.
Check Allow Windows devices.
Enter a Minimum OS version, e.g. 10.0 (New Edge supports Windows 10 and later).
Click Save Windows Policy.
(To start with macOS or iOS instead, follow the same steps on the appropriate tab.)
Create a Service
A service is any TCP or UDP resource that you want to make available to your end users securely. Examples of services are private web applications, developer access to a database management system, RDP access to a Windows Server, SSH access to a Linux server, etc.
Click Services in the left sidebar menu.
Click + New Service.
Enter a name in the Name field, e.g. “MyWebApp”, “PostgreSQL DBA”, etc.
Enter a hostname or IP address in the Host field, e.g. mywebapp.example.com.
Select TCP from Protocols.
Enter a port number, e.g. “80”, “443”.
Select your Access Policy, e.g. “Contractor Access”, in the Access Policy field.
Leave the primary and secondary Publisher fields blank.
Click Save Service.
Additional tabs will appear.
Click the End Users tab.
Find your end user in the Unassigned End Users list.
Click the + next to your end user to assign him or her to this service.
Your end user should now appear in the Assigned End Users list.
Create a Publisher
Publishers are New Edge software components which are deployed in your virtual network at your public cloud provider (e.g. AWS VPC) or internal network in your private datacenter. Publishers make your private applications and services available to authorized users and devices without granting network access.
Click Publishers in the left sidebar menu.
Click + New Publisher.
Enter a name in the Name field, e.g. “AWS VPC 1”.
Click Save Publisher.
Additional tabs will appear.
Click the Services tab.
Find your service in the Unassigned Services list.
Click the + next to your service to assign it to this publisher.
Click the Register tab.
Click Generate to generate a registration token.
Click Copy to copy the registration token to your clipboard.
Deploy a Publisher in AWS
The following section provides instructions for deploying a New Edge Publisher in AWS. If you need to deploy a publisher in your private datacenter, please refer to our article on how to deploy in your datacenter.
Launch an EC2 Instance
Sign in to your Amazon Web Services (AWS) console.
Click Services -> Compute -> EC2.
Click Instances in the left sidebar menu.
Click Launch Instance.
Choose an Amazon Machine Image (AMI)
Click Community AMIs in the left sidebar menu.
Enter “Publisher” in the Search Community AMIs search bar.
New Edge Publisher 1.x.x should appear in the search results.
Choose an Instance Type
Click to select t2.micro as the instance type.
Click Next: Configure Instance Details.
Configure Instance Details
Enter “1” in the Number of instances field.
Select the VPC where the application you want to publish via New Edge is deployed in the Network field.
Keep the default values for the remaining fields.
Click Advanced Details to expand this section.
In the User data section, select the As text option.
Paste the publisher registration token from Create a Publisher step 6 into the user data text field.
Add a Name Tag
Adding a name tag is optional, but doing so will make it easier to identify your New Edge Publisher EC2 instance later.
Click the Add Tags tab, near the top of the page.
Click Add Tag.
Enter the word “Name” in the Key field.
Enter “New Edge Publisher” in the Value field.
Click Review and Launch.
Review Instance Launch
Review the information in the AMI Details and Instance Type sections.
Select or create a key pair.
Click Launch Instances.
Review the information on the Launch Status page.
Click View Instances.
You should now see a new EC2 instance with the name “New Edge Publisher” (if you completed the “Add a Name Tag” steps).
AWS typically takes several minutes to launch an EC2 instance and run status checks. Wait until your Instance State is “Running” and Status Checks have passed.
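The console steps above can also be scripted with the AWS CLI. The following is an added example, not New Edge's own tooling: the AMI ID, subnet ID, vendor account ID, key pair name and token file name are placeholders, and the token-file permission check and AMI owner check are extra safeguards assumed here rather than steps from this article.

```shell
#!/bin/sh
# Added example (not New Edge's own tooling): CLI form of the console steps.
set -eu

# Fail unless the token file exists, is non-empty and is owner-only (600/400).
check_token_file() {
  [ -s "$1" ] || { echo "token file missing or empty: $1" >&2; return 1; }
  tf_mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
  case "$tf_mode" in
    600|400) return 0 ;;
    *) echo "token file mode $tf_mode too permissive; chmod 600 $1" >&2; return 1 ;;
  esac
}

# Print the run-instances arguments, one per line, mirroring the wizard:
# t2.micro, one instance, token as text user data, Name tag.
# The subnet determines the VPC (the console's Network field).
build_run_instances_args() {
  ami=$1 subnet=$2 token_file=$3 key_name=$4
  check_token_file "$token_file" || return 1
  printf '%s\n' ec2 run-instances \
    --image-id "$ami" --instance-type t2.micro --count 1 \
    --subnet-id "$subnet" --key-name "$key_name" \
    --user-data "file://$token_file" \
    --tag-specifications \
    'ResourceType=instance,Tags=[{Key=Name,Value="New Edge Publisher"}]'
}

# Community AMIs can be published by any AWS account, so compare the image's
# owner with the account ID the vendor gives you before launching.
ami_owner_is() {
  owner=$(aws ec2 describe-images --image-ids "$1" \
    --query 'Images[0].OwnerId' --output text)
  [ "$owner" = "$2" ]
}

# Runs only when LAUNCH=1; every ID and name below is a placeholder to replace.
if [ "${LAUNCH:-0}" = 1 ]; then
  AMI=ami-PLACEHOLDER SUBNET=subnet-PLACEHOLDER
  ami_owner_is "$AMI" "VENDOR_ACCOUNT_ID_PLACEHOLDER" || { echo "unexpected AMI owner" >&2; exit 1; }
  # Split the newline-separated list into positional parameters for aws.
  args=$(build_run_instances_args "$AMI" "$SUBNET" publisher-token.txt my-key-pair)
  old_ifs=$IFS; IFS='
'
  set -f; set -- $args; set +f; IFS=$old_ifs
  aws "$@"
fi
```

EC2 user data is stored unencrypted and is readable from the instance metadata service and by any principal allowed to call ec2:DescribeInstanceAttribute, so scope that permission with the registration token in mind.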
Registering End User Devices
End-user devices connect to your enterprise applications and services through the New Edge Cloud. End users download the New Edge app on their devices and follow a simple sign-on process to register their devices with your organization account. Only after New Edge has authenticated end users, determined which applications they are authorized to access, and evaluated the security posture of their devices will connections to your private applications be permitted.
Enter your end-user email address in the Email field.
Click Sign in.
New Edge Support will send an email to your end user account.
Open the email and click Launch New Edge >
(Your sign-in link will expire in 24 hours, and can only be used once.)
If prompted by your browser, click Open New Edge.
When prompted to “…Add VPN Configurations”, click Allow.
The New Edge app should now have a secure connection to the New Edge Cloud.
At this point, you should be able to access the private application you defined in the “Create a Service” steps from your registered end-user device. If you published a web app, open a browser and navigate to your app (e.g. http://mywebapp.example.com). If you published another type of enterprise application or service, such as SSH or RDP or a SQL database, then open the app or utility you typically use to access this service.
New Edge is here to help you be successful in securing private applications in your cloud or datacenter. If you’re having trouble getting started with New Edge, or just want to learn more, contact us to request a live demo and product overview. You can also email us for support.