Secure Access

AppGate SDP

A truly secure perimeter is software-defined. Dangerous legacy network security tactics leave your enterprise vulnerable to cybercrime. Modern threats need a contemporary, zero-trust defense: AppGate SDP.

The perimeter can be anywhere. Secure it everywhere. 

We live in an age of cyberwarfare, yet trust is assumed. And the introduction of hybrid IT has killed the perimeter. Traditional perimeter security is static, non-responsive and centralized. It operates on a misplaced sense of trust and grants over-entitled access to entire corporate networks. 

Traditional VPNs, so-called next-generation firewalls, and NACs are simply not fit for purpose in a perimeter-less world. It’s time for a security model that focuses on the user – a Software-Defined Perimeter (SDP). Cyxtera is a different kind of network security provider, built for the new requirements of modern, hybrid enterprise IT.

While many SDP solutions are built primarily to secure web and cloud-based applications, AppGate SDP is a powerful network security platform that delivers the industry’s most comprehensive Software-Defined Perimeter solution, capable of securing any application, on any platform, in any location.

“SDP enables organizations to provide people-centric, manageable, secure and agile access to networked systems. It is easier and less costly to deploy than firewalls, VPN concentrators and other bolt-in technologies.”– Gartner, It’s Time To Isolate Your Services From The Internet Cesspool, September 2016
a better approach to secure access

It’s virtually impossible to secure your distributed, hybrid IT infrastructure with perimeter security that hasn’t been updated in 20 years. Perimeter-based security solutions such as VPNs, next-gen firewalls and NACs are ineffective against malicious insiders and targeted attacks. These antiquated tools are also complex and expensive to operate.

A Software-Defined Perimeter (SDP) dynamically creates one-to-one network connections between the user and the resources they access. It’s based on three core principles.


Designed around user identity, not the IP address. SDP builds a multi-dimensional profile of a user or device and authorizes users before granting access.


Enforces the “zero trust model” by applying the principle of least privilege to the network. It completely reduces the attack surface.


Built for the cloud, and like the cloud. Engineered to operate natively in cloud networks, it’s completely distributed and as scalable as the internet itself.

A complete network security platform

It’s time to focus on the user.

AppGate SDP enables you to dynamically control access across your entire hybrid network based on identity-centric policies, rather than static IP based access control lists. It is cloud and hybrid native working regardless of your infrastructure or where you are migrating to. You can use it across all your workloads and applications.

AppGate SDP works by creating one-to-one connections between users and the network they need to access – a Segment of One. AppGate SDP is resilient and massively scalable to support enterprise-grade, mission-critical and global environments.

How it works

AppGate SDP for the Cloud

Securing access to public cloud workloads isn’t easy. Static IP-based firewalls don’t provide granular access control to cloud resources. And access control with static IP addresses and port mapping simply doesn’t scale.

AppGate SDP was built for the cloud, like the cloud. Its architecture is entirely distributed, highly resilient and massively scalable. It allows enterprises to implement a global, highly-available secure access system in any hybrid environment with greater control and improved economics.

AppGate SDP for AWS

AppGate SDP creates a segment of one for each user based on the person, environment and enterprise. AppGate SDP evaluates users in real time against policies before connecting each user to the public cloud environment.

Access automatically adapts in real time to changing conditions in the cloud. Every new instance is automatically traced and added or removed from the access filter. It becomes an automation-driven network access process that can be managed by simple policies.

Start Free Trial Now

AppGate SDP for Azure

AppGate complements Microsoft Enterprise Mobility and Security solutions and Azure Active Directory tools to protect network resources. AppGate SDP leverages Microsoft’s Azure security capabilities, Network Security Groups and Tags to provide user-centric and context-aware access to approved network resources.

AppGate SDP Gateways are easily deployed into Azure, creating an encrypted segment of one for each unique user, giving them network access only to authorized cloud resources.

Request A Demo

Why deploy AppGate SDP

Organizations around the world have deployed AppGate SDP to augment protection from their outdated VPNs, firewalls and NACs. They rely on AppGate SDP to control over-privileged remote or third-party user access, securely migrate critical workloads to the cloud, and remove constraints on cloud DevOps.

AppGate SDP doesn’t just improve security and protect critical workloads. It addresses compliance control gaps and requirements for regulations including PCI and Sarbanes-Oxley, and greatly mitigates exposure from DDoS attacks. You’ll reduce the attack surface and audit scope while substantially reducing cost and complexity.

Use Cases