Duke Ellington and Cloud Network Access Control
To misquote Duke Ellington, “the cloud is the place, man.” In January, we saw Microsoft announce that its cloud business unit brought in $6.3 billion in sales in its most recent quarter. At the same time, AWS generated $2.4 billion in net sales during the holiday quarter and for 2015 as a whole, generated $7.9 billion in sales. That’s great news for cloud providers and for companies as they reap the agility and cost savings rewards of private, public and hybrid cloud environments.
However, applying network access controls for the cloud is causing IT and Security teams some serious heartburn as they attempt to apply traditional tools in a non-traditional setting. According to a recent survey, 60% of security professionals acknowledged that their teams can’t keep up with the pace of cloud automation, self-service and DevOps changes.
Ultimately, traditional network security tools like VPNS, firewalls and NACs are unsuitable for today’s dynamic, cloud environments – they’re labor-intensive to manage, and provide all-or nothing access, giving authenticated users overly broad network access, and allowing wide-reaching breaches.
Now, consider that enterprises typically use six different cloud computing services. How can IT and Security teams provide secure network access controls across that many different destinations? How many firewall rules need to be written, administered and maintained? How can companies provide audit and log information for regulatory and compliance requirements that shows who connected to what and when? This is a real problem that needs solving.
Introducing AppGate XDP version 2.0: Agility with Simplicity
Today, Cryptzone addresses these issues with the launch of AppGate XDP, a dynamic, secure access control platform. AppGate XDP dramatically reduces the attack surface for all users across applications and data hosted both on-premises and in the cloud.
AppGate XDP simplifies the user access problem and eliminates over-entitled network access, drawing on user context to dynamically create a secure, encrypted network ‘segment of one’ that’s tailored for each user session. It automatically controls each user’s network access at a fine-grained level, ensuring that users can only access authorized resources. With AppGate XDP, all unauthorized network resources are invisible, completely preventing malicious users or attackers from exploiting weaknesses in unauthorized applications.
And because AppGate XDP automatically adjusts access decisions based on policy and user context, the business obtains the agility it needs without overloading IT and Security teams.
Increased scalability, reliability and high availability
With AppGate XDP 2.0 we’re increasing scalability, reliability, and high availability, allowing enterprises to achieve the best of both worlds – fine-grained access control per user, and incredible performance and reliability. Here’s how:
- True enterprise, linear scalability – As a company’s user population, cloud usage or scope grows, IT and Security teams can easily scale out by deploying additional AppGate XDP gateways. With our patent-pending technology, user devices will automatically load-balance across the collection of Gateways, and in the event of a failure automatically reconnect without losing state.
- Amazon EC2 resources – AppGate XDP adds new capabilities for supporting fine-grained, adaptive access control to Amazon EC2 resources. By automatically detecting new server instances, and intelligently combining EC2 tags and security groups with user context, AppGate XDP will automatically adjust user access to these new instances. This frees up IT from having to manually grant or revoke access for each change, and avoids the security risk of granting complete network access to all users, which is often the default.
There is plenty more to AppGate XDP. Learn more by joining the Cryptzone webcast on March 8, where we explain how to simply and effectively solve Infrastructure as a Service (IaaS) access challenges. You can also visit Cryptzone next week at RSA Conference 2016, booth S339, or visit our website to view our new AppGate video explainer. Finally, if you’ve never listened to the amazing Duke Ellington song “Villes Ville Is The Place, Man”, it’s well worth the time (and almost as good as the AppGate video explainer).