申请试用

Software Defined Perimeter for Infrastructure as a Service

Presented by SDP Working Group

Software Defined Perimeter for Infrastructure as a Service

软件定义边界(SDP)工作组

2014年4月

GOALS

Awareness and adoption of the Software-Defined Perimeter architecture (SDP) is rapidly growing, and its effectiveness is being proven across numerous enterprises and use cases. We believe that the time is right to publicly promote the use of SDP to protect Cloud-based resources, given the rate at which organizations are strategically embracing Infrastructure as a Service (IaaS), and the compelling need to secure access to these resources. This document is intended to explore and explain how a Software-Defined Perimeter (SDP) architecture can improve security, compliance, and operational efficiency when applied to Infrastructure-as-a-Service environments. Readers will obtain a clear sense of the security challenges facing Enterprise users of IaaS (given the Shared Responsibility model), understand the problems that arise from combining native IaaS access controls with traditional network security tools, and learn about how a Software-Defined ...

GOALS

5

APPROACH AND SCOPE

6

EXECUTIVE SUMMARY

6

SDP and the CSA Treacherous 12.

7

INTRODUCTION: IAAS SECURITY OVERVIEW

10

TECHNICAL FOUNDATION

11

An IaaS Reference Architecture

11

Why is IaaS Security Different?

12

Location Is Just Another Attribute

12

The Only Constant is Change

12

The IP Address Conundrum

12

Security Requirements and Traditional Security Tools

13

Jump Boxes: Look Before You Lea

15

Why SDP and not VPNs?

16

Virtual Desktop Infrastructure (VDI)

17

How a Software-Defined Perimeter Solves These Problems

17

What is the Software-Defined Perimeter?

18

更多下载查看

点击下载

深云SDP

云时代的企业安全体系

申请试用

申请试用