Thousand-person enterprise, is a software vendor, who cares about their own security. They sell both packaged software and operate a software-as-a-service (SaaS) service. They are migrating their internal IT infrastructure - including private applications supporting the business - to AWS and Azure. And they want to use this transition to Infrastructure-as-a-service (IaaS) as an opportunity to update their IT management and security tools.
They currently use VPNs for private application access, but they want to move to a Google Beyond Corp / zero-trust networking architecture. They require strong multi-factor user authentication, device posture checking, as well as access to those applications that are still in the datacenter and those running in AWS.
They have deployed a New Edge Publisher as a VMware image in their datacenter along with another New Edge Publisher in AWS. Both are managed from the New Edge console, and users get access to their applications from a mix of BYOD and corporate Windows, Mac, and iOS devices. They get strong authentication through single sign-on (SSO) to New Edge using a third-party identity and access management solution, as well as the digital certificate New Edge deploys to each registered device.