申请试用

SDP Specification 1.0

Software Defined Perimeter Working Group

SDP Specification 1.0

软件定义边界(SDP)工作组

2014年4月

Abstract

This document describes the “Software Defined Perimeter (SDP) protocol,” which is designed to provide ondemand, dynamically provisioned, air-gapped networks.Air-gapped networks are trusted networks that are isolated from all unsecured networks and this may allow them to mitigate network-based attacks. The SDP protocol is based on workflows invented by the Department of Defense (DoD) and used by some Federal Agencies. Networks based on these workflows provide a higher level of security, but are thought to be very difficult to use compared to traditional enterprise networks...

Acknowledgments

3

Status of This Memo

6

Abstract

6

1 Introduction

7

1.1 Audience

7

2 Design Objectives

7

3 System Overview

10

3.1 The Changing Perimeter

7

3.2 SDP Concept

8

3.3 SDP Architecture

8

3.3.1 SDP Controller

9

3.3.2 Initiating SDP Hosts

9

3.3.3 Accepting SDP Hosts

9

3.5 SDP Implementations

11

3.5.1 Client-to-Gateway

11

3.5.2 Client-to-Server

11

3.5.3 Server-to-Server

11

3.5.4 Client-to-Server-to-Client

11

3.6 SDP Applications

12

3.6.1 Enterprise Application Isolation

12

3.6.2 Private Cloud and Hybrid Cloud

12

3.6.3 Software as a Service

15

3.6.4 Infrastructure as a Service

12

3.6.5 Platform as a Service

12

3.6.6 Cloud-Based VDI

12

3.6.7 Internet-of-Things

13

3.7 SDP’s Relationship to IKE/IPsec and TLS

13

4 Glossary

13

更多下载查看

点击下载

深云SDP

云时代的企业安全体系

申请试用

申请试用