The Trends Demanding a Software-Defined Perimeter
Written by Paul Campaniello on December 13, 2017
1.Cloud security – This is more than a trend. Cloud security continues to dominate the stage – how to secure hybrid environments. There are clear security challenges facing organizations in the cloud arising from combining native IaaS access controls with traditional network security tools. Cloud Security Alliance research into the topic explains these challenges and how a Software-Defined Perimeter approach can be applied to Infrastructure-as-a-Service environments.
2. The Software-Defined Perimeter (SDP) – Enterprise Strategy Group’s Jon Oltsik defines SDP as a “means of connecting users and devices to network services using attribute-based access controls and continuous risk scoring.” Read ‘Why a Software-Defined Perimeter for more information’. This is a HOT topic because attendees are struggling with how to secure access to their hybrid environments while ensuring compliance.
3. Network security analytics – Last year we saw a lot of startups in this space at the show. This year, we see even more activity. Network security analytics help organizations navigate cyber-attack kill chains based upon suspicious network activity. Analytics provide important input for monitoring the behavior of critical data assets, endpoints and users. Many large vendors are integrating analytics solutions as part of their security incident and event management (SIEM). Learn more about Software-Defined Segmentation so you can discover, visualize and analyze all assets in your virtual fabric.
4. Malware Prevention – A tried and tested means for attackers accessing the network, a lot of people focus on how to prevent malware from getting into the network – and then spreading. Just consider Microsoft’s finding that an attacker can be present on a network for more than 200 days before being detected – lurking and learning.
This year has seen massive breaches because of it and it’s only due to continue. So how do you to prevent it? We believe it’s about not letting malware get on the network. And if it does, that it can’t spread. Keeping your network secure includes securing access to resources by making the network invisible to people who are not both authorized and authenticated based on their identity.
5. DDoS Attacks – They will continue and only get worse. We saw a lot of these type of attacks in 2016 – Trump hotel website, Sonic (ISP in CA), Emsisoft, and Lloyd’s Bank to name a few.
6. AWS Security – As the leader in for cloud, AWS offers many benefits. But it can also cause operational complexity. A Software-Defined Perimeter can help reduce this complexity.