Leveraging Zero Trust: SDP
In the business landscape we find ourselves in, demands on IT departments all over the globe are at an all-time high.
CEOs are pushing the boundaries between CX and UX to maintain a competitive edge, and we're seeing the rapid introduction of new cloud applications and IoT. To further complicate the changing landscape, employees are screaming out for flexible WFH and BYOD arrangements.
All of this is putting existing network architecture under pressure, and we need to accept that traditional approaches to networking and security are no longer effective.
What are you doing to improve your security posture?
- Utilising a threat intelligence application?
- Locking down machines/devices with vulnerability, patch and configuration management?
- Firewall implementations?
These are great tools and should continue to play a critical role in your overall security strategy, but think of them as preventative medicines. What we propose with SDP is total immunisation.
Traditional architectures work on the basis of access, then authenticate. This gives ALL users access to ALL of the services, good and bad. Not login, but access.
SDP addresses this flaw directly by applying authenticate THEN access to ALL users, and that is why SDP is critically important.
SDP Controller:
The SDP controller is a centralised policy enforcement engine that governs the control and data plane for the SDP components. For centralised authentication and authorisation, the SDP controller keeps track of users, devices, and applications. It manages all of the SDP components and the connections to the services behind the gateways.
The controller allows initiating and accepting hosts to be authenticated before any communication is allowed, and it determines the list of accepting hosts with which each initiating host is authorised to communicate.
SDP Gateway:
The gateway can be established in either a public cloud or an on-premise location, close to the requesting resource. The geolocation integration point is useful so that, for security reasons, only certain locations can access information, or to enhance the user experience by redirecting to the services that are logically closer to the gateway that is protecting those services.
The gateway monitors incoming traffic at a TCP/IP level to identify connection attempts from the initiating hosts. It silently monitors this traffic, and when a valid connection request is identified, it dynamically modifies the firewall policy to accept the connection from that client.
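The authenticate-then-access flow described above, as an added example that is not from the original post or from any SDP product: a default-deny gateway that opens a time-limited rule for one client and one service only after a signed request validates against the controller's policy. The HMAC request format, the key and policy tables, the timing constants and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data (hypothetical): per-client keys and the controller's
# list of accepting hosts each initiating host is authorised to reach.
CLIENT_KEYS = {"laptop-17": b"constructed-demo-key"}
POLICY = {"laptop-17": {"10.0.5.20:443"}}
MAX_SKEW, RULE_TTL = 30, 60  # seconds: request freshness window, rule lifetime


def sign_request(client_id, service, ts, nonce, key):
    """Initiating host: build a connection request and its HMAC-SHA256 tag."""
    body = json.dumps({"id": client_id, "svc": service, "ts": ts, "nonce": nonce},
                      sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()


class Gateway:
    """Default-deny gateway: no allow rule exists until a request validates."""

    def __init__(self):
        self.rules = {}           # (src_ip, service) -> expiry timestamp
        self.seen_nonces = set()  # accepted nonces, kept to reject replays

    def handle_request(self, src_ip, body, mac, now):
        """Open a rule and return True only for a valid request; never reply otherwise."""
        try:
            req = json.loads(body)
            key = CLIENT_KEYS[req["id"]]
            ts, nonce, svc = req["ts"], req["nonce"], req["svc"]
        except (ValueError, KeyError, TypeError):
            return False          # malformed or unknown client: silently dropped
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, mac):
            return False          # forged or tampered request
        if abs(now - ts) > MAX_SKEW or nonce in self.seen_nonces:
            return False          # stale or replayed request
        if svc not in POLICY.get(req["id"], set()):
            return False          # authenticated, but not authorised for this host
        self.seen_nonces.add(nonce)
        self.rules[(src_ip, svc)] = now + RULE_TTL
        return True

    def allows(self, src_ip, service, now):
        """Data-plane check: traffic is dropped unless a live rule matches."""
        return self.rules.get((src_ip, service), 0) > now
```

A production gateway would also expire old nonces and hold keys in protected storage; the sketch keeps both in memory to stay short.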
SDP dashboard reporting:
- Once security controls are passed there is still no direct connectivity path between the user and the application.
- Dynamically discover unknown applications
- Application health based on location and connectivity path
- Status of the connection
- How many bytes sent per application (unlike your traditional VPN)
- Policies used when accessing the application
- Identity information for who was authenticated
SDP is not about putting a lock on a network to defend against attacks. SDP makes the entire network infrastructure dark to anyone who is not permitted to see it.
You cannot attack what you cannot see.
Feel free to reach out if you want to chat about improving your Cyber Security posture - coffee's on me.