The New Paradigm for Accessing IT Resources

Oplon Trusted Connection is a built-in feature of Oplon Client that enables intelligent application-level access and connects people to resources, not networks. It represents a concrete step toward modern security without abandoning the networking practices that have been established over time.

The world of VPNs is changing. But the past still matters

For years, we have been witnessing a profound transformation in the way companies manage remote access. Traditional VPNs, which have been reliable tools for decades, are giving way to next-generation connectivity models based on principles such as Zero Trust, contextual access, and network micro-segmentation.

Yet, the operational realities of businesses consist of systems that are already installed, configured, and tested: network infrastructure, management applications, legacy servers, and internal tools that aren’t updated every quarter—especially in large organizations. Replacing everything isn’t always possible, nor does it make sense. For this reason, compatibility must be ensured in order to get the best of both paradigms.

The question we asked ourselves is simple:

How can we bring the benefits of modern security even to what already exists?

Trusted Connections: Secure Access Without Exposing the Network

Oplon Trusted Connections is a secure tunnel that runs over HTTPS, the web protocol, and allows users to access their remote network securely, without requiring complex VPN clients or invasive network configurations.

Unlike a traditional VPN, which effectively “immerses” the user in the entire corporate network—with all that entails in terms of exposure and attack surface—Trusted Connection is designed with a more selective and controlled approach.

The new approach to integration: connecting people to resources, not to networks

With our latest update, we have introduced an intelligent application layer within Trusted Connection. The result is a system that combines the robustness of network infrastructure with the precision of the application layer.

Specifically, here’s what has changed:

  • Access no longer occurs “within the network,” but through the Oplon Reverse Proxy, which acts as an intelligent control point with policies for managing usage time windows and deep tracing.
  • Each connection establishes a direct point-to-point connection from the Oplon Client to a service (ZTNA).

How will we bridge the gap between the past and the security requirements of today?

It automatically uses one or more dedicated, isolated containers, which can be configured to meet security and network segmentation requirements.

The Container can provide visibility from a single endpoint to an entire network or subnet. It is essentially an “encapsulated” VPN that can be configured to use existing DHCP servers and perform DNS registration/removal by associating the client/user with the IP address where necessary.

With direct browser access, how can we leverage our existing network security infrastructure?

Web browser-based access provides access to IT services with a level of isolation unprecedented in the Internet environment. The difference in security compared to a VPN is clear, but even in this case, large organizations have established network security practices.

Using a simple yet effective technique, Oplon Secure Access—which relies solely on web browsers—can integrate with existing network security infrastructure while maintaining compatibility.

How does it work?

Each browser views and interacts with a service hosted in the data center as if it were a “smart TV”, that is, a TV capable of interacting: it acts as an intermediary. The actual “client” service, which connects to an RDP or SSH service, is located within the Oplon Secure Access appliance, which connects to the service on one end and provides a representation of it to the browser on the other. Schematically, this can be summarized as the chain HTTPS ↔ RDP/SSH ↔ Service.

From a technical standpoint, integration with the existing network is achieved by interposing a network layer that identifies the client address, which is obtained from the organization’s internal DHCP and associated with the client/user. Everything happens transparently within the appliance, between the protocol “translator” and the service. The new chain is therefore HTTPS ↔ RDP/SSH ↔ NetworkContainer ↔ Service. The NetworkContainer obtains a network address from its own DHCP server and can register a dynamic DNS record as if it were a physical device present on-site.

The RDP or SSH connection to the target machine passes exclusively through the NetworkContainer, so any connection to internal services is always mapped to the IP address provided by the DHCP server. This achieves the same result as a traditional VPN but without exposing other systems or resources directly to the data center.
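Because each session reaches internal services from a DHCP-assigned address tied to a user, existing firewall or SIEM logs can be attributed to that user by source IP and time. The sketch below is an added example, not Oplon code: the lease records, the log format, the addresses, the container subnet and the `attribute_flows` helper are all constructed for illustration.

```python
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed sample data: subnet reserved for NetworkContainers (assumption).
CONTAINER_POOL = ip_network("10.20.30.0/24")

# Constructed session records: (user, container IP, start, end), as a
# DHCP/DNS registration log might expose them (hypothetical format).
LEASES = [
    ("alice", "10.20.30.11", "2024-05-06T09:00:00", "2024-05-06T10:00:00"),
    ("bob",   "10.20.30.11", "2024-05-06T10:05:00", "2024-05-06T11:00:00"),
    ("carol", "10.20.30.12", "2024-05-06T09:30:00", "2024-05-06T09:45:00"),
]

# Constructed firewall log lines: "<timestamp> <src_ip> <dst_ip>:<port>".
FIREWALL_LOG = """\
2024-05-06T09:15:02 10.20.30.11 10.1.0.5:3389
2024-05-06T10:20:41 10.20.30.11 10.1.0.9:22
2024-05-06T09:50:00 10.20.30.12 10.1.0.5:3389
2024-05-06T09:16:00 192.168.7.4 10.1.0.5:3389
"""

def attribute_flows(log_text, leases, pool=CONTAINER_POOL):
    """Map each flow to the user holding the source IP at that time.

    Returns (timestamp, src, dst, verdict) tuples where verdict is a user
    name, "UNATTRIBUTED" (pool address with no active lease: investigate)
    or "OUT_OF_POOL" (traffic that did not come through a container).
    """
    parsed = [(u, ip_address(ip), datetime.fromisoformat(s),
               datetime.fromisoformat(e)) for u, ip, s, e in leases]
    results = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_raw, src_raw, dst = line.split()
        ts, src = datetime.fromisoformat(ts_raw), ip_address(src_raw)
        if src not in pool:
            verdict = "OUT_OF_POOL"
        else:
            # IPs are reused across sessions, so the time window matters.
            verdict = next((u for u, ip, s, e in parsed
                            if ip == src and s <= ts <= e), "UNATTRIBUTED")
        results.append((ts_raw, src_raw, dst, verdict))
    return results

if __name__ == "__main__":
    for row in attribute_flows(FIREWALL_LOG, LEASES):
        print(*row)
```

The third constructed flow comes from a pool address after its lease ended, which is the case worth alerting on: traffic from a container address that no recorded session explains.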

What does this mean in practice for your company?

This approach offers tangible benefits in three key areas:

  • Enhanced security: Each session is isolated, and every access attempt is filtered. There is no longer an “open door to the network.”
  • Compatibility with existing systems: It works with your current network infrastructure without requiring migrations or replacements.
  • Granular control: You can precisely define who accesses what, when, and with what permissions.

A vision: the boundary between the network and the application no longer exists

With this new implementation, Oplon Secure Access will take a significant step toward security innovation while maintaining simplicity and control everywhere, even within existing network security infrastructures.

Conclusions

In short, Oplon Trusted Connection combines innovation with continuity, delivering a modern and secure access model without disrupting existing operations.
