CTOvision.com

Context for the CTO, CIO, CISO and Data Scientist


Enterprise Security and Functionality Benefits of the new Software Defined Perimeter (SDP) Approach

Bob Gourley May 22, 2017

The dynamic nature of today’s IT Operations has eroded the network perimeter in ways we have all been watching and even cheering on! This is a new world of mobility, cloud computing and rapid partnering for success.

But the erosion of the network perimeter is making traditional security a roadblock to efficiency. No one wants to allow holes to be poked in the security system, but no one wants to shut down connectivity to partners either.

The Software Defined Perimeter uses software techniques to render the internal environment invisible to all outsiders unless trust is granted. Secure connectivity is provided only to trusted users and devices. The SDP approach was pioneered by proven enterprise IT, cloud computing and security experts working together under the Cloud Security Alliance (CSA).

SDP Combines:

  • On-device authentication
  • Identity-based access
  • Dynamically provisioned connectivity

Key benefits of this approach include the following unique security properties:

1) Information Hiding

Protected application infrastructure exposes no DNS information and no visible ports. SDP-protected assets are considered “dark” because it is impossible to port scan for their presence.

2) Pre-authentication

Device identity (of the requesting host) is verified before connectivity is granted. Device identity is determined via an MFA token that is embedded in the TCP or TLS setup.

3) Pre-authorization

Users are provisioned access only to application servers that are appropriate for their role. The identity system utilizes a SAML assertion to inform the SDP Controller of the hosts’ privileges.

4) Application Layer Access

Users are granted access only at the application layer (not the network layer). Additionally, SDP typically whitelists the applications on the user’s device – thus provisioned connections are app-to-app.

5) Extensibility

SDP is built on proven, standards-based components such as mutual TLS, SAML and X.509 certificates. Standards-based technology ensures that SDP can be integrated with other security systems such as data encryption or remote attestation systems.
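
A simplified model of how properties 1 to 3 fit together in a controller decision, added here as an illustration and not taken from the original article or the CSA specification. The HMAC token scheme, the device seed, the role names and the host names are assumptions constructed for the example, and the role is assumed to come from an already-validated SAML assertion.

```python
import hashlib
import hmac
import struct

# Constructed sample data (assumptions, not real values).
DEVICE_SEEDS = {"laptop-17": b"constructed-seed-for-demo-only"}
ROLE_APPS = {
    "finance": {"erp.internal:443"},
    "engineer": {"git.internal:443"},
}
WINDOW = 30  # seconds for which a device token is valid

DROP = ("DROP", None)  # the gateway sends no reply, so the asset stays "dark"


def device_token(seed: bytes, device_id: str, now: int) -> str:
    """Time-bound HMAC the device embeds in its connection setup."""
    counter = struct.pack(">Q", now // WINDOW)
    msg = device_id.encode() + counter
    return hmac.new(seed, msg, hashlib.sha256).hexdigest()


def controller_decide(device_id: str, token: str, role: str, app: str, now: int):
    """Return ("ALLOW", app) or DROP. Every failure looks identical outside."""
    # Pre-authentication: the device must be enrolled and present a fresh token.
    seed = DEVICE_SEEDS.get(device_id)
    if seed is None:
        return DROP
    fresh = False
    for skew in (0, WINDOW):  # accept the previous window for clock skew
        expected = device_token(seed, device_id, now - skew)
        if hmac.compare_digest(token.encode(), expected.encode()):
            fresh = True
    if not fresh:
        return DROP
    # Pre-authorization: the role only reaches the applications provisioned
    # for it; anything else is treated exactly like an unknown device.
    if app not in ROLE_APPS.get(role, set()):
        return DROP
    return ("ALLOW", app)
```

Because an unknown device, a stale token and an out-of-role request all produce the same silent drop, a scanner cannot tell a protected application from an unused address.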

For more information on this approach contact us

Bob Gourley
Co-Founder and CTO at OODA
Bob Gourley is the CTO and Co-Founder of the due diligence and cybersecurity consultancy OODA LLC , which publishes CTOvision.com and OODAloop.com. Bob's background is as an all source intelligence analyst and an enterprise CTO.
Filed Under: Cloud Computing, The Boardroom Tagged With: Crucial Point LLC
