Zero Trust Network Access
The Perimeter Has Moved On, Have Your Defenses?
Long live the perimeter, the perimeter is dead.
The well-defined, locked-down perimeter no longer exists. As applications, people and data have grown increasingly distributed, the perimeter has moved to wherever your users are and to whichever internet-connected devices they’re using, and it’s more porous than ever. If you think your traditional perimeter-centric defenses are protecting it, think again. It’s time to turn off your VPN and turn to SAIFE®.
Micro-perimeterization cloaks applications and services on the network, making them undiscoverable by anonymous attackers. Users can see only those applications and resources for which they’re authorized. Hackers can’t hack what they can’t see. SAIFE Connect makes the application/server infrastructure effectively “invisible.”
Zero trust security monitoring ensures that devices are continuously evaluated as long as they remain connected and are immediately quarantined when found to be out of compliance.
Replaces multiple, non-integrated products with a single solution
Easy to Implement and Manage
Traditional security tools like VPNs, firewalls, and NACs are labor-intensive to manage and struggle to keep up with the pace of the business. With SAIFE, access control, provisioning and management are simplified, which reduces the impact on security and network teams.
Zero Trust Security
SAIFE Connect is built upon a Zero Trust model. Devices are granted access to network services based upon factors such as identity, location and time. Zero Trust security means that devices are continuously monitored and evaluated, allowing a compromised device to be identified and quarantined immediately and automatically.
SAIFE Connect endpoints terminate their connections within the Continuum cloud infrastructure. Endpoints do not connect directly with one another. This hides the topology of which endpoint is talking with which, making inference attacks much more difficult, compared to standard VPN technology where endpoints directly connect with one another.
No Open Ports, No Port Attacks
Endpoints typically access private networks through vulnerable open inbound ports on the perimeter firewall. SAIFE establishes one-way, response-only connections between the endpoint and the private network for specific, authenticated requests, allowing the inbound port of the firewall to remain closed. Closing all firewall ports effectively makes the network assets invisible to the outside world and eliminates the possibility of a distributed denial of service (DDoS) attack.
Networks typically allow endpoints to connect before authentication occurs, leaving them vulnerable to service disruptions caused by unwanted connections from untrusted endpoints, as is the case with distributed denial of service (DDoS) attacks. SAIFE’s unique “protect then connect” paradigm authenticates each endpoint before connecting to the network or to another endpoint. In a DDoS attack, untrusted endpoints are denied access during the authentication process.