Software-defined perimeter (SDP) is a new approach for securing access to business applications. It’s become particularly important as mobile users access cloud-based applications.
Enterprises have long relied on virtual private networks (VPNs) to connect mobile or remote users to applications and other network resources. But, traditional VPNs are poorly suited for the shift to IaaS and SaaS. They rely on appliances, such as firewalls or VPN concentrators, binding mobile users to specific locations. Such an architecture adds latency, and creates a chokepoint for cloud access. And, to even reach the VPN gateways, users must rely on the unpredictable Internet. Once connected through a VPN, users are trusted with access to all resources on the network, increasing the risk of malware propagation and data breach. Overall, legacy VPN architectures expose the enterprise to attacks and adversely impact the user experience, especially when accessing cloud applications.
SDP reduces risk by restricting network access to authorized resources. Most SDP point-solutions fail to address mobile performance problems, especially for global access. They also fail to continuously inspect traffic to application resources for threats post authentication. And they introduce management and deployment complexity, requiring additional server software, network appliances, or cloud services.
SDP as a service (also known as cloud-based SDP) delivers secure mobile access as an integral part of a company’s global network. Performance improves with direct, optimized access across a managed, cloud-based SD-WAN. Risk is minimized before and after users access the network through strong authentication and continuous traffic inspection. SDP as a service makes mobile access easy — easy to deploy, easy to use, and easy to secure.