Secure Network Overview

3 min. readlast update: 07.02.2026

Note: ThreatLocker® provides a mobile application that extends Secure Network Access control capabilities to mobile devices. For information regarding registering a mobile device for Secure Network Access, please refer to the following article:

Registering Mobile Devices for Secure Network Access | ThreatLocker Help Center

What is Secure Network?

ThreatLocker Secure Network implements Zero Trust Access (ZTA) by allowing users to securely reach internal resources without opening inbound firewall ports and without deploying a traditional VPN.

Users can connect to authorized devices when operating outside of the internal network by entering the device name exactly as they would when connected internally. ThreatLocker automatically manages the connection process in the background.

Secure Network does not establish a traditional network tunnel and does not rely on conventional network routing. Instead, ThreatLocker brokers the connection on behalf of the user.


Why traditional remote access methods are high risk

Remote Desktop Protocol (RDP) is one of the most convenient ways for users to access internal resources. However, exposing RDP ports, such as TCP 3389, on your firewall is one of the most common causes of ransomware intrusions.

Traditional mitigations, such as Remote Desktop Gateway or VPNs, can still leave open inbound paths that attackers may target.

Remote Desktop exposed on port 3389

  • Direct RDP exposure is a leading attack vector.
  • Bots and attackers continuously scan the internet for open 3389.

Remote Desktop Gateway

  • Moves access to port 443, but still exposes a listening service to the internet.
  • The attack surface remains open.

VPN

  • VPNs are frequently compromised through stolen credentials or vulnerabilities.
  • VPNs provide network-level access instead of service-level access.
  • A compromised VPN client can expose the entire network.

ThreatLocker ZTA helps eliminate these risks by brokering approved connections instead of exposing services directly to the internet.


How Secure Network works

When a user initiates a connection, ThreatLocker brokers the traffic instead of routing it directly across a network tunnel.

  1. The user attempts to connect to an authorized device or resource.
  2. The request is intercepted locally.
  3. The connection is rewritten and redirected to localhost.
  4. The traffic is encapsulated.
  5. The traffic is securely transmitted over port 443 to the internet.
  6. The traffic is routed to ThreatLocker data centers.
  7. ThreatLocker securely brokers the connection to the destination device.

Because the connection is brokered through ThreatLocker rather than routed directly across a network tunnel, this approach can provide improved performance and reduced latency compared to traditional remote access methods.


Secure Network policy types

ThreatLocker Secure Network offers four different types of policies.

Policy Type Description
Device-to-Device Communication in My Organization Permits traffic between internal endpoints through Secure Network, such as RDP traffic.
Access to Website Category Controls which website categories organizational devices are allowed to access.
Secure SaaS or Cloud App Access Publishes SaaS or cloud applications, such as Microsoft 365, GitHub, or Slack, through Secure Network.
Custom Firewall Policy Configures a host-based firewall policy to permit or deny traffic on specific ports or protocols to or from devices on your network.

Summary

ThreatLocker Secure Network applies Zero Trust principles to remote access by removing the need to expose services like RDP to the internet. Access is controlled through policies that define which users, devices, and applications can communicate without opening firewall ports or relying on VPN infrastructure.

This helps reduce risk while still supporting modern remote work.


Zero Trust Network Access (ZTNA) and Zero Trust Cloud Access (ZTCA) Frequently Asked Questions

Was this article helpful?