7 Benefits of a Software-Defined Perimeter

June 7, 2017

A Software-Defined Perimeter is a new network security model that dynamically creates 1:1 network connections between users and the data they access. It overcomes the limitations of traditional perimeter security such as VPNs, firewalls, and NACs and offers seven main benefits.

 

1. An “Authenticate first – Connect second” approach

Everything on the network is invisible until authorization is granted, and access is then allowed only to a specific application.

2. Identity-centric (not IP-based) access control

Know exactly who accessed what, for how long, the context of the device, and when they connected for policy and compliance.

3. Encrypted Segment of One

Individualized perimeters for each user and each user-session – a Segment of One. All the other services that exist on the network are invisible to the user.

Once a user obtains their entitlements, all network traffic to the protected network is encrypted.

4. Dynamic policy management

As new server instances are created, users are granted or denied access appropriately and automatically.

As context changes (time, location, device hygiene, etc.) dynamic access policies provide continuous and immediate security.

5. Simplicity

Much simpler – and dramatically fewer – firewall and security group rules to maintain.

6. Compliance

A Software-Defined Perimeter offers:

  • Auditable, uniform policy enforcement across hybrid systems.
  • Dramatically reduced audit-preparation time: no need to correlate IP addresses to users.

Consider the people and time spent collecting, consolidating, and making sense of access logs. Organizations have reduced this by up to 90% when using a Software-Defined Perimeter.

7. Consistency

Consistent access policies across on-premises, the cloud and hybrid environments.

Why a Software-Defined Perimeter delivers better network security for today’s enterprises

The eBook "How to Overcome NAC Limitations: Why a Software-Defined Perimeter delivers better network security for today’s enterprises" discusses NAC limitations, puts NAC vs. SDP to the test, and shows how an SDP architecture helps safeguard against cyber attacks.

This eBook is for security, network, IT architect, operations, infrastructure and GRC professionals who want to protect access to physical, virtual and cloud-based IT systems.

Paul Campaniello

Paul Campaniello is the Chief Marketing Officer for Cryptzone where he is responsible for worldwide marketing strategy, execution and sales support. Paul has over 25 years of experience with software startup companies.

He has held several senior marketing and sales positions including CMO/VP of Marketing at ScaleBase, Mendix, Lumigent, ComBrio and Savantis. Prior to Savantis, he was at Precise Software, where he helped build Precise from a startup to $100 million prior to going public and being acquired by VERITAS for $640 million.

Paul holds both a BS and an MBA from Bentley University.
