Replace the legacy VPN with a modern Software-Defined Perimeter (SDP)
Design a flexible, stronger access policy playbook around user and device authentication with a Software-Defined Perimeter. Whether your critical corporate resources are in the cloud or on local servers, SDP enables IT to easily build a wall around the entire network.
Block hackers from the network, in one swift motion
SDP deploys multiple cutting-edge security tools and is easy to implement, even (and especially) for modern organizations with complex cloud networks, many remote users, and varying access requirements.
How Does a Software-Defined Perimeter Work?
SDP network architecture has three important components: the SDP Client, the SDP Controller, and the gateway PoP.
SDP Client: Access Control
The client verifies identities using an Identity Provider, such as Okta, Google, or Azure. It routes whitelisted applications to authorized remote connections, ensuring that the certificate-based mutual TLS VPN only connects to authorized services. Network traffic is encrypted and tunneled between the user’s device and the corresponding gateway.
SDP Controller: Trust Broker
The controller establishes trust between the SDP Client and backend security controls by authenticating users and devices. The user and network entitlements are verified by evaluating the controller, the Issuing Certificate Authority, and the Identity Provider, and the SDP Controller then configures the gateway in real time to provision a mutual TLS connection.
The Gateway: Termination Point
The gateway grants access to previously private resources, allowing employees to have a private and uncongested connection. This termination point for the mutual TLS connection from the Client verifies the identity of the requesting device, authorizes the user, and grants access to the requested network.
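The controller-to-gateway flow described above can be sketched as follows. This is an added example, not Perimeter 81's implementation: the rule format, function names, groups and addresses are hypothetical, and the results of the certificate and device posture checks are passed in as booleans rather than performed.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    group: str    # Identity Provider group the rule applies to
    network: str  # protected resource, as a CIDR block
    port: int     # TCP port on that resource


# Constructed sample policy (hypothetical groups and addresses).
POLICY = [
    Rule("engineering", "10.20.0.0/24", 22),
    Rule("engineering", "10.20.1.10/32", 5432),
    Rule("finance", "10.30.0.5/32", 443),
]


def controller_provision(idp_groups, cert_valid, posture_ok, policy=POLICY):
    """Controller step: choose the rules to push to the gateway for one session.

    cert_valid and posture_ok stand in for the device certificate check and
    the device posture check. If either fails, nothing is provisioned.
    """
    if not (cert_valid and posture_ok):
        return []
    return [rule for rule in policy if rule.group in idp_groups]


def gateway_allows(session_rules, dst_ip, dst_port):
    """Gateway step: default deny, allow only what was provisioned."""
    try:
        addr = ipaddress.ip_address(dst_ip)
    except ValueError:
        return False  # a malformed destination is never forwarded
    return any(
        addr in ipaddress.ip_network(rule.network) and dst_port == rule.port
        for rule in session_rules
    )


if __name__ == "__main__":
    rules = controller_provision({"engineering"}, cert_valid=True, posture_ok=True)
    print(gateway_allows(rules, "10.20.0.7", 22))   # inside the engineering segment
    print(gateway_allows(rules, "10.30.0.5", 443))  # finance resource, not entitled
```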
Secure, user-specific resource access
Before a user gains access to the network, ensure that their identity and device are checked. Third-party identity providers and Single Sign-On make authenticating users easy, while device posture check rules and other endpoint tools verify that their devices are safe.
Segment the network for a safer network
Security tools like VPNs might offer encrypted access to the network, but they cannot provide access to only certain network resources for individual users or groups. Perimeter 81’s SDP provides a built-in micro-segmentation utility so that your most sensitive resources aren’t exposed.
Central policy management for teams
IT has one central dashboard where they can create custom access policies based on user, device, location, and other granular attributes. This removes the need to deploy multiple solutions in order to achieve sophisticated policy management.
Easily integrated edge security
Perimeter 81 enables organizations to take advantage of the full SDP model, with integration across any on-premises or cloud infrastructure. Instant deployment of encrypted gateways across the world offers low latency for remote workers and their devices.
The greatest benefits of SDP for organizations
“The best feature so far has been the ability to deploy gateways; we were able to roll out a gateway relatively close to our employees in just a few minutes. Having the ability to roll out an entire office with access to internal resources in just minutes is the best thing I can ask for.”
The perimeter has evolved – so must security.
Transitioning critical resources to the cloud, allowing employees access from off-premises, and encouraging BYOD present security challenges that only SDP is flexible enough to address – from inside and outside the network.