The Software-Defined Perimeter in Action

Slides:

Advertisements

Similar presentations

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

Advertisements

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Trusted End Host Monitors for Securing Cloud Datacenters Alan Shieh †‡ Srikanth Kandula ‡ Albert Greenberg ‡ †‡

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Single Identity – Multiple services how do I stay compliant? Wade Tongen NA Commercial SE.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

Private Cloud: Application Transformation Business Priorities Presentation.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Preparing your Fabric & Apps for Windows Server 2003 End of Support Jeff Woolsey Principal Program Manager.

Dell Connected Security Solutions Simplify & unify.

Deploying XenApp and XenDesktop with BIG-IP Brent Imhoff – Field Systems Engineer Gary Zaleski – Solutions Architect Michael Koyfman – Solutions Architect.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows

Be Microsoft’s first and best customer Enabling world-class and predictable customer, client, and partner experience Protecting Microsoft’s physical and.

Jeff Wettlaufer Sr. Technical Product Manager System Center SESSION CODE: MGT308 B T jeffwettlaufer E

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Mark Gilbert Microsoft Corporation Services Taxonomy Building Block Services Attached Services Finished Services.

VDI AND DAAS – SAY WHAT?!? Bob Marshall, MD MPH MISM FAAFP Faculty, Valley Family Medicine Residency Faculty, DoD Clinical Informatics Fellowship.

Infrastructure for the People-Ready Business. Presentation Outline POINT B: Pro-actively work with your Account manager to go thru the discovery process.

Mobile Security Solution Solution Overview Check Point Mobile Threat Prevention is an innovative approach to mobile security that detects and stops advanced.

1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.

Banjot Chanana Sr Director of Product Docker for the Enterprise with Containers as a Service.

Cloud Agility with Performance Bridging the Performance Gap for Virtual Network Infrastructure Paul Andersen Sr. Marketing Director.

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data Version 2.6 | July 2014.

Barracuda Web Filtering Service

5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.

Vidcoding Introduces Scalable Video and TV Encoding in the Cloud at an Affordable Price by Utilizing the Processing Power of Azure Batch MICROSOFT AZURE.

New Heights by Guiding Them into the Cloud

Federated IdM Across Heterogeneous Clouding Environment

NeoFirma Taps into the Microsoft Azure Cloud Platform to Deliver Digital Oilfield SaaS to North American Independent Oil and Gas Producers MICROSOFT AZURE.

Cherwell Service Management is an IT Service Management Solution that Makes it Easier for Users to Capitalize on Power of Microsoft Azure MICROSOFT AZURE.

Transform the Way you Manage Skype for Business

Forefront Security ISA

Best Practices for Securing Hybrid Clouds

Secure & Unified Identity

BOMGAR REMOTE SUPPORT Karl Lankford

Microsoft Azure Platform Powers New Elements Constellation Software Suite to Deliver Invaluable Insights From Your Data for Marketing and Sales MICROSOFT.

Replace with Application Image

Company Overview & Strategy

IT Management, Simplified

U.S. Federal e-Authentication Initiative

WAN. Re-invented..

Be Better: Achieve Customer Service Excellence and Create a Lean RMA and Returns Process with Renewity RMA and the Power of Microsoft Azure MICROSOFT AZURE.

Revolutionized, Automated Cash and Gratuity Management for the Hospitality Industry, Thanks to Microsoft Azure MICROSOFT AZURE APP BUILDER PROFILE: Evention.

Access and Information Protection Product Overview October 2013

Druva inSync: A 360° Endpoint and Cloud App Data Protection and Information Management Solution Powered by Azure for the Modern Mobile Workforce MICROSOFT.

Adra ACCOUNTS: Transaction Matching Software Powered by the Microsoft Azure Cloud That Helps Optimize the Accounting and Finance Processes MICROSOFT AZURE.

Keep Your Digital Media Assets Safe and Save Time by Choosing ImageVault to be Your Digital Asset Management Solution, Hosted in Microsoft Azure Partner.

TechEd /7/ :16 AM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered.

Media365 Portal by Ctrl365 is Powered by Azure and Enables Easy and Seamless Dissemination of Video for Enhanced B2C and B2B Communication MICROSOFT AZURE.

Building an Integrated Security System Microsoft Forefront code name “Stirling” Ravi Sankar Technology Evangelist | Microsoft

Windows 10 Enterprise subscriptions in CSP – Messaging Summary

NSX Data Center for Security

Increase and Improve your PC management with Windows Intune

System Center Marketing

TechEd /6/ :24 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

Microsoft Data Insights Summit

IT Management Services Infrastructure Services

Computer Services Business challenge

TechEd /18/ :51 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered.

Productive + Hybrid + Intelligent + Trusted

AT&T Firewall Battlecard

IT Management, Simplified

Zero Trust in Practice: Identity Drives an Adaptive Workforce

OU BATTLECARD: Oracle Identity Management Training

Microsoft Virtual Academy

Presentation transcript:

The Software-Defined Perimeter in Action A Cloud-Ready Network Security Solution for the Modern Enterprise Christopher Day, CISSP Chief CyberSecurity Officer & General Manager

Built like cloud, for cloud A better approach to network security: Software-Defined Perimeter Built like cloud, for cloud 3 Colocation 1 Identity-centric Zero-trust model 2 By 2021, 60% of enterprises will phase out network VPNs for digital business communications in favor of software-defined perimeters.” “

AppGate SDP: Identity-centric, network enforced IDENTITY PROVIDER 1 Using Single-Packet Authorization, client makes access request to controller CONTROLLER GATEWAY CLIENT 2 Controller checks context, passes Live Entitlement to client 3 Using SPA, client uploads Live Entitlement, which gateway uses to discover applications matching the user’s context APPLICATION Lead in for this slide: “Cyxtera has a product that implements the SDP spec – AppGate SDP. It’s an enterprise—ready solution, deployed by many customers, and as an enterprise solution has filled in the gaps where the core SDP spec is silent.”. 4 Dynamic Segment of One network is built for this session APPLICATION 5 Continuously monitors for any context changes, adapts Segment of One accordingly APPLICATION

Enumerating user location, access and activity Built-in Identity Management AUDIT Logs contain over 100 fields User Account & Desktop Configuration Geolocation and Foreign Language Detection All Allow/Deny information captured Implementation dependent logging values 4

Transform security to support virtual & 3rd-party workforce CASE STUDY: TRAVEL AND LEISURE COMPANY Transform security to support virtual & 3rd-party workforce Challenges Need to secure access for virtual agents & contractors Cumbersome user access experience Existing VPNs lacked contextual control of user privileges Results with AppGate SDP Lowered personnel costs and able to handle seasonal peaks Replaced VPN to segment and secure remote users Improved user experience with superior SDP performance Dynamically control access based on user and environment

Streamline and improve security post M&A CASE STUDY: SECURE INFRASTRUCTURE COMPANY Streamline and improve security post M&A Challenges Simultaneous acquisition of five different companies Disparate, incompatible standalone security solutions Costly to maintain complex, aged security hardware (firewalls, VPN) Difficult to integrate additional acquisitions Results with AppGate SDP Secure user access globally with single integrated solution Consolidated security management and admin Eliminated need for additional costly security hardware Flexible framework can easily adapt for future expansion

Security across diverse access paths CASE STUDY: CLOUD SERVICE PROVIDER Security across diverse access paths Challenges Manage privileged users in multi-tenant environment Need to improve personnel access control and audit Adapt security to support BYOD and BYOOS Replace VPN for remote access users Results with AppGate SDP Automatically manages call center agent access to protected workloads ONLY when trouble ticket is active Consistent experience for all users on-prem or cloud Secure access for IaaS, remote and privileged users Scale to support organization growth to 6500 users

Summary: The Software-Defined Perimeter in Action Secure high-risk apps and data Improve security enterprise-wide Lower costs, simplify operations

Visit Cyxtera at RSA in booths: #1333 in Moscone South #941 in Moscone North www.cyxtera.com | info@cyxtera.com