2019: It's Time for a VPN Alternative
Jason Garbis, SVP, Product Marketing
Today's network landscape is one of incredible complexity with distributed applications, people, and data. Companies have taken the standard method of protection, the trusted private network, and applied hundreds or thousands of VPN and firewall rules with complex topologies to manage the chaos. Our expanding cloud and mobile ecosystems have made the perimeter both porous and irrelevant. In the meantime, our networks are infested with unsanctioned, insecure devices. To complicate matters, in an increasingly distributed work environment, cyber threats are just as likely to come from inside the organisation as they are from the outside.
VPNs have four critical flaws.
Using VPNs in an era of perimeterless IT is a problem because they don't provide security. There are several reasons why:
- VPNs authenticate to everything. Once authorised, users typically have complete access to the authenticated network.
- VPNs are too simplistic. In a world where the physical perimeter is no longer relevant, they are unable to keep up.
- VPNs provide static, perimeter-based security. This is ineffective when user context and security threats are ever-changing.
- VPNs are a siloed solution. Ultimately, VPNs are only useful for remote access by remote users. They don't help organisations secure on-premise users or on-premise networks
What's an enterprise to do?
A Software-Defined Perimeter (SDP) is a network security model that dynamically creates 1:1 network connections between users and the data they access. SDP reduces the attack surface in real-time by creating a discrete, encrypted network segment of one, making everything else invisible and inaccessible. A network segment of one is an individualised, micro-segmented network tailored for each individual user, device, and session. Further, this solution is holistic – it provides a single secure access control platform for both remote and on-premise users accessing remote and on-premise resources.
A Software-Defined Perimeter is designed around the user and addresses VPN shortcomings:
1. It's user-centric.
An SDP ensures we know as much about a user as we can BEFORE allowing them to make a connection to the network such as:
- What is their user context?
- What device they are using, and what is its security posture?
- Where are they located?
2. It's adaptive and extensible.
It manages access and adapts based on user context, device, and security conditions. It integrates with operational systems and provides an individualised perimeter for every user, granting specific access and visibility.
3. It enforces Zero Trust
Cyxtera's Software-Defined Perimeter solution, AppGate SDP, creates a discrete, encrypted segment of one, making everything else invisible and inaccessible. AppGate SDP prevents modern attacks by reducing network attack surface and implementing adaptive security.
In 2019, enterprises have a choice: keep employing outdated technology in an attempt to secure a perimeterless world or realise that we need a VPN alternative. It's time to use the latest cybersecurity innovations to secure the technology of today.
To learn more, watch the on-demand webinar with our customer Verdant who replaced their VPN with SDP. Click here to access.