Secure Access

AppGate SDP

Use Cases

Organizations around the world have implemented AppGate SDP as their preferred alternative to VPNs, next-gen firewalls and NACs to address key challenges including:

Over-privileged third party / remote accessCritical workload migration to the cloudConstrained cloud DevOps


Use Case

Eliminate over-privileged remote and third-party user VPN access

Virtual workers and third-party contractors need access to your critical systems from anywhere on any device. But VPNs treat all users the same: an IP address allowed to connect to your network – or not.

This all or nothing approach results in over-privileged users and heightened risk. AppGate SDP enforces identity-centric policies and permissions to reduce the attack surface and limit what over-privileged users can see.

Global travel leader replaces VPNs with AppGate SDP to ensure consistent, secure access for remote and on-premise agents

An international travel and resort corporation needed to secure access for on-premise employees and call center agents working remotely from home. Their existing VPN technology, as well as NAC alternatives they considered, lacked the ability to granularly control which resources its remote workers could access. These solutions were also untenably resource-intensive and time-consuming to manage at the scale needed. 

AppGate SDP overcame the limitations of their incumbent VPNs and segmented network access to holistically support remote and on-premise users. It not only ensured that users only access what they are authorized to view. Its superior performance also improved the remote user experience across all their hybrid environments.

Back to top


Use Case

Securely Migrate Critical Workloads to Public Cloud

As more workloads migrate to the cloud, its time consuming to create new security groups or add resources to existing ones. Cloud security groups also lack the contextual control needed to protect critical systems. 

AppGate SDP enables simple and secure public cloud migration. Its Live Entitlements make it easy to automatically secure cloud workloads and enforce consistent controls across hybrid environments.

A financial organization relies on AppGate SDP to secure and track access to its tens of thousands of EC2 instances daily.

To more efficiently operate the systems that oversee and analyze billions of market transactions every day, a financial organization migrated to AWS. The organization needed to secure access to and easily demonstrate regulatory compliance of their voluminous AWS resources. An IP-based network security solution only showed what IP had access to a resource. They needed fine-grained logs of who had access to what, where and when, across tens of thousands of EC2 instances daily, with 80 percent having a lifespan of five or fewer hours.

With AppGate SDP, the context of each user and his or her device is dynamically evaluated before granting network access to the user-authenticated instances and services in the AWS environment. All access is logged and integrated into existing ticketing systems so regulatory compliance reporting is quick and easy. With AppGate SDP, they benefit from consistent, secure across their entire cloud environment without impeding innovation.

Back to top


Use Case

Improve Secure DevOps Access

Access control with static IP-based firewalls and port mapping simply doesn’t scale to meet the dynamic, targeted needs of agile DevOps users. 

With AppGate SDP, organizations grant DevOps timely and precise access to only those resources their authorized to use, without onerous management or a cumbersome user experience.

A leading ISV improves DevOps user experience and meets stringent security standards with AppGate SDP

To support its high velocity DevOps model, an ISV needed a simplified, cohesive platform to manage and secure DevOps user access to individual AWS accounts. Traditional security solutions including VPNs and jump hosts exposed them to an unacceptable level of risk and resulted in an unsatisfactory DevOps user experience. 

The ISV implemented AppGate SDP to dynamically and automatically create immediate encrypted Segment of One network connections between each developer and only the resources they are entitled to use. Taking less than three weeks from initial deployment to widespread production, AppGate SDP also easily integrated with its existing identity and authentication platforms. It was the only solution able to address the ISV’s segmentation, performance and user experience requirements while providing the correct access and audit trails of every activity within each AWS account.

Back to top