Software Defined Perimeters (SDPs) are in the news again and Waverley Labs could not be happier. Verizon Enterprise Solutions has launched its new Software-Defined Perimeter (SDP) service that enables enterprise customers to proactively identify and block cyberattacks by creating a virtual boundary around their network.
Verizon’s SDP service, a scalable Software-as-a-Service (SaaS) solution, provides pre-authenticated, context-aware, secure access to enterprise applications. The service works by isolating communications between enterprise applications and end-user devices, enabling rapid identification and prevention of network-based cyberattacks such as denial of service, connection hijacking, and credential theft.
“Our new Software-Defined Perimeter service gives enterprise customers the ability to enhance their network security with a virtual and easy-to-implement solution,” said Shawn Hakl, vice president of new products and innovation at Verizon. “The industry has been focused on SDP development for several years. We’re pleased to offer this critical offering to help companies protect their network, their business, and their brand.”
The Verizon announcement is the latest example of SDP emerging as a key component in a new security paradigm for reducing and eliminating risk. SDPs employ an authenticate-first approach by securing every connection to a predetermined service, application or critical infrastructure. The primary effect of the SDP is that it allows good packets and connections while dropping bad packets and preventing bad connections.
The SDP, or “Black Cloud,” shrouds the application (or IT environment) from all but authorized users and devices. SDP cryptographically approves users and devices prior to making connections to services and applications within the perimeter to hide critical applications from hackers. In addition, SDP can be used in government applications, such as enabling secure access to FedRAMP-certified cloud networks, as well as enterprise applications, such as enabling secure mobile phone access to public clouds.
Waverley Labs worked closely with the Cloud Security Alliance’s (CSA) Software Defined Perimeter Working Group that developed the SDP specification and reference architecture. Since then, SDP has been adopted by the Cloud Security Alliance and its members and is being deployed commercially, while Waverley Labs has released the industry’s first open source reference implementation for SDP engineered to eliminate distributed denial of service (DDoS) attacks. A demo of the SDP for DDoS can be seen here.
“DDoS attacks, particularly on government agencies, continue to increase in size and frequency,” said Luciano “J.R.” Santos, Executive Vice President of Research, Cloud Security Alliance. “As one of the founding partners in the development of SDP, Waverley Labs has been at the forefront in advancing SDP solutions to protect critical applications and infrastructure and stop DDoS attacks.”
The Verizon announcement follows the CSA’s successful formation of a new SDP for IT Infrastructure-as-a-Service (IaaS) initiative focused on addressing how SDP can solve security, compliance and administration challenges for IaaS.
For more information, check out this white paper on Software Defined Perimeters.
Also feel free to check out the industry’s first open source reference implementation of SDP developed by Waverley Labs. The reference architecture and repository can be accessed and downloaded here.