
Software-defined Perimeter (SDP) Essentials

Discussion in 'Network World' started by RSS, Jun 1, 2016.

  1. RSS

    RSS New Member Member

    I’ve written about SDPs a few times as I think this model is a strong fit for today’s IT cocktail made up of mobile applications, public cloud infrastructure, and pervasive security threats.

    Just what is an SDP anyway? The model is really based upon the “black cloud” concept coming out of the Defense Information Systems Agency (DISA) where network access and connections are allowed on a “need-to-know” basis. Similarly, the Cloud Security Alliance (CSA) refers to SDPs as “on-demand, dynamically-provisioned, air gapped networks.”

    Several vendors, including Cryptzone and Vidder, actively market SDP offerings while Google’s BeyondCorp is a homegrown SDP project that Google has made public and highly-visible. While these efforts clearly fall under the SDP category, I viewed the SDP model a bit more broadly. SDP is clearly associated with numerous innovations and initiatives of the past including next-generation firewalls, network access control (NAC), and even 802.1X so there are plenty of SDP-like solutions from vendors like Cisco, HP (Aruba), and Pulse Secure (formerly part of Juniper). While definitions vary slightly, SDP is also closely aligned with concepts like attribute-based authentication so SaaS providers like Microsoft (Azure AD), Okta, and Ping play here as well. And old industry veterans like me may also remember Cisco’s 1990s concept titled “directory-enabled networking (DEN),” a model where network directories governed who could connect to what. SDP is quite similar to this visionary approach.
