Features
GoodAccess enhances security by implementing a Software-Defined Perimeter (SDP) that utilizes ZTNA principles. This approach ensures that no user or device is trusted by default, regardless of whether they are inside or outside the network. Every user accessing the network must be authenticated and verified, significantly reducing the risk of unauthorized access or cyber threats. Furthermore, the platform employs AES-256 and ChaCha20 encryption to ensure that data is encrypted and safe while traveling between remote workers and the company network. Admins have the choice of setting up VPN protocols such as OpenVPN and IKEv2 with both supporting the industry standard AES as their common denominator.
In terms of the servers available, the offering is on the slimmer side, spanning 35 locations spread across the US, Europe, and Asia. If you have specific location requirements it may be worth checking the list before deciding to commit to the service. Â
The platform offers split tunneling, which enables you to select which traffic should pass through the VPN and which can access the internet directly. This feature helps optimize bandwidth and ensures that critical business traffic remains protected. Additionally, GoodAccess integrates with Single Sign-On (SSO) providers like Google Workspace and Azure Active Directory (and numerous others), simplifying access management for businesses using these tools.
GoodAccess also includes a DNS filter called Threat Blocker, which protects your network from malicious websites, malware, phishing attempts, ransomware, spam, and other online threats. This feature acts as an extra layer of defense, preventing users from accidentally accessing harmful content.
Additionally, the service comes with split tunneling, which optimizes your VPN gateway connection by allowing you to choose which traffic routes through the VPN and which accesses the internet directly. This helps improve overall speed and reduces latency, ensuring a smoother browsing experience. Additionally, GoodAccess provides a static IP address, giving your company a unique identifier for its network. Curiously enough, there is no kill switch option on offer.
An API is available only on higher-paid plans, but the connection agent can be used across Windows, MacOS, Linux, Android, iOS, and ChromeOS. Finally, the central dashboard houses all of the functionality, and features a logically laid out array of functionality on the left side. It is easy to use and offers powerful logging features that collate system and gateway access logs, threat blocker logs, device posture, and admin logs.
Pricing & Plans
The positive in terms of the pricing plans is that you have a 14-day free trial across all plans, and you can also schedule a live demo to get the feel of the offering. Plans are split between the Essential, Premium, and Enterprise plans, with Enterprise being tailored to your specific needs and pricing determined following that. All plans have a $39 per month cost for a dedicated gateway and a minimum of five users for the first two plans and $50 for the Enterprise plan.Â
Essential costs $9 per month, per user, but if you opt for annual billing the costs come down to $7 a month. Premium costs $14 per month, per user, and with the annual billing comes down to $11 per month. The major difference between the two initial plans is the security that you get with the offer, while Essential focuses more on VPN and whitelisting features, Premium offers a full blown ZTNA approach, and is more suited for companies looking to stay protected and scale the protection easily.
Performance
While its server network isn’t as extensive as some competitors, the service maintains consistent speeds and uptime. This makes it suitable for everyday business tasks such as video conferencing, file sharing, and accessing cloud-based applications.
However, companies with heavy data usage or those needing extremely high speeds might find the performance a bit limiting compared to more premium business VPN solutions. This limit is pretty evident if you choose a server which is not close to your location i.e. Asian servers from Europe. Nevertheless, you can squeeze out some more performance if you opt to use IKEv2 as opposed to OpenVPN, which worked at least in our case.
Privacy & Security
The SDP model creates an invisible barrier around company resources, meaning these resources are only accessible to authenticated users with explicit permissions. This drastically limits the attack surface, as potential attackers cannot even see what resources exist within the network. By combining ZTNA with encryption, multi-factor authentication (MFA), and single sign-on (SSO) integrations, GoodAccess ensures that sensitive business data is protected at multiple layers.
Additionally, GoodAccess’s ZTNA framework allows businesses to implement role-based access controls, ensuring that employees have access only to the resources they need. This granular control helps maintain strict security policies and prevents lateral movement within the network, further safeguarding company assets from potential breaches. This makes GoodAccess an effective solution for companies aiming to secure remote workforces and comply with stringent data protection regulations.
The platform also offers two-factor authentication (2FA), providing an additional security layer for user accounts. This makes it more difficult for unauthorized users to gain access, even if they manage to obtain login credentials. GoodAccess places a strong emphasis on privacy protection, demonstrated by its GDPR compliance and ISO 27001 and SOC 2 certifications. These certifications indicate that GoodAccess meets specific business standards for data security, privacy, and compliance, ensuring that customer information is handled with care. While the company does maintain logs to assist its users, it ensures full security and privacy through data encryption. The information stored is mainly related to account usage or for purposes such as providing customer support, development, and analytics.
Alternatives
If speed is not the determining factor, an alternative to GoodAcccess Business VPN could be Windscribe, a quirky, stable and all around great VPN for a price that seriously undercuts the premium competitors. Overall, it provides strong encryption, fast service, malware and ad blocking and flexible number of device connections. Moreover, if you like to have the ability to tweak your DNS and firewall settings, the Windscribe is a great choice, since the granularity it offers can give you an extra edge if you’re an experienced admin. To top it all off, the entry price is lower so if GoodAccess is not your cup of tea, give Windscribe a chance by trying out their free offer.Â
ProtonVPN is another alternative, though one aimed at more established and larger businesses looking to follow a ZTNA approach to its fullest. Double hop and Secure Core options this provider offers ensure the highest level of safety for your assets while remote workforces connect to them. Moreover, the offering is rounded out with safety and security features that rival other premium competitors in the market. However, be ready to pay for it, since price-wise it is more expensive than GoodAccess.
Final Verdict
GoodAccess is a solid business VPN choice for small and medium-sized enterprises that need a reliable, secure, and easy-to-manage solution. It is simple to deploy once signup is complete, and even easier to manage the remote workforce thanks to a logically laid out, yet powerful dashboard.
While it may not have all the advanced features that larger corporations require, its strong encryption, user-friendly interface, and flexible pricing plans make it a practical option for teams looking to protect their remote access without the hassle of complex configurations. A ZTNA approach is still possible using GoodAccess, though you can get much more with premium providers, but you will also have to pay for it.
Read the full article here
