Appgate Federal | February 11, 2022

How Zero Trust Enables a “12-second Kessel Run” to Dynamic Secure Access

You are running from the empire—or in this case, legacy technologies like a VPN—and stepping into a brand-new secure access world. A world filled with new realities and possibilities.

If you’re like most, you know that a software-defined perimeter (SDP) and Zero Trust Network Access (ZTNA) will apply the force of dynamic Zero Trust principles and bring together hybrid data sources into a single policy model and encrypted communication stream. To liken the force of SDP and ZTNA to movie trivia, recall what Jedi master Obi-Wan Kenobi said: “The force is what gives a Jedi his power. It is an energy field created by all living things. It surrounds us and penetrates us. It binds the Galaxy together.”

Many organizations ditch their VPNs for better security, speed and stealth, just as Luke Skywalker experienced on his maiden Millennium Falcon voyage with Han Solo. Legacy technologies stand alone and are neither dynamic nor integrated, so they can’t provide real protection.

Zero Trust Network Access solutions take you to a better world. A world where technologies are brought together to provide better security as the forces of evil threat actors, remote workforces and scattered workloads move against you. A world where IT and security teams no longer must think about whether your connections and data are safe from prying eyes. A world where there is no need to think about manually adding routes or making changes to expose services at the network edge. And a world where device posture and context are combined with each user’s identity to ensure access to protected areas of the network and workloads only happens for authorized users and devices.

So how can you use ZTNA and Zero Trust security principles to bring balance to the chaotic force that is cybersecurity today?

  1. Define your goals. Whether that goal is making record time in the Kessel Run or simply ensuring the principles of Zero Trust are broadly enforced, make your list and stick to it.
  2. Push for speed! Legacy technologies severely cap the user and workload communication path and can be costly to own and operate. Look for solutions that enable your applications and services to work at full NIC speed over whatever network you choose.
  3. Look for ZTNA solutions that are easy to operate and that consolidate policy and workload entitlement centrally for easy, error-free enforcement where it is needed.
  4. Don’t be afraid to start at the top and sequentially work your way to the bottom of the list. And remember that, without a strong identity management process, you will fail.
  5. Automate everywhere you can. Use existing business logic and workflow processes, or build new ones, to drive access and enforcement. Just like when navigating lightspeed on the Millennium Falcon, you plan your path to the destination and let the system automate the tasks for navigation.
  6. Always assume the adversary is on the inside and will continue to try to get in more places. If you assume the posture that trouble will come your way or is already there, then you will plan and execute for it.
  7. Budget, budget, budget! Cybersecurity needs to be treated as just as important as every other line item in the budget.
  8. Test! Every organization should test its assumptions. An annual red team/pen test is critical to testing your cyber posture.
  9. I know how this will sound, but don’t be afraid to fail your internal tests. They are there for a reason … to learn. Like Luke learning how to use a lightsaber while wearing the blast shield for the first time, failing leads to success!

A Zero Trust Network Access platform like Appgate SDP will enable you to eliminate exposed ports, leverage extensive and dynamic API integrations, use one-touch, metadata-driven policies and so much more. By creating a dynamic Zero Trust platform for entities to evolve with, Appgate SDP brings your cybersecurity posture into the light and shows you the ways of the force.

For more on how our Appgate Federal Division is leading the way, please visit www.appgate.com/federal-division.

Additional resources:

Blog: Appgate and Rackspace Government Cloud Deliver FedRAMP-Approved Solution
Blog: Federal agencies: make a secure and scalable move to cloud with Zero Trust
Blog: Federal March To Zero Trust Security: CISA'S Guidance Focuses On Four Pillars
Infographic: 2021 Zero Trust Market Dynamics study
Webinar: Zero Trust for Critical Infrastructure