This New Solution Enables Developers and Network Admins to Support What Work Looks Like Today – IoT, Edge Computing, Cloud and Multi-Cloud – Without the Need for a VPN
Ahead of this announcement, Brilliance Security Magazine spoke with Don Boxley, CEO and Founder at DH2i to get his unique perspective on the need to redefine privileged access management.
DH2i®, a provider of multi-platform Software Defined Perimeter and Smart Availability™ software, announced the general availability launch of DxConnect™ network security software for integrated Zero Trust (ZT) connectivity. DxConnect enables developers and network administrators to build an integrated ZT connectivity security infrastructure for cloud-native applications, hybrid/multi-cloud connectivity and privileged user access without using a VPN.
The recently published 2019 Verizon Data Breach Investigations Report (DBIR) analyzed 41,686 security incidents, of which 2,013 were confirmed data breaches, and found that the majority of data breaches occurred due to technical deficiencies present in computer networks. The report further pointed out that once cybercriminals are inside a network, their process is almost always the same: establish continued access, escalate or obtain administrator privileges, move quietly to map the entire network, look for open ports, locate the “crown jewels” and exfiltrate the data undetected for as long as possible. The report also stated that just one data breach could cost anywhere from tens of thousands of dollars to as much as $100 million. The recent 2018 Cost of a Data Breach Study: Global Overview by Ponemon likewise reported that the average cost of a data breach was up 6.4 percent to $3.86 million.
The technical deficiencies, or vulnerabilities, existing in today’s computer networks are being exacerbated by the explosion of the Internet of Things (IoT) and edge computing. IoT is made up of billions of smart devices that use IP networks to talk to each other (and to us). The IoT world is growing to a projected 28.5 billion devices by 2022. M2M (machine-to-machine) will be more than half of the global connected devices and connections by 2022. The need for secure privileged user access is growing faster (7 percent CAGR) than the world’s population (1 percent CAGR). Secure cloud-native microservice connections will be the fastest growing IP connection type by 2022.
Legacy connectivity and security approaches such as virtual private networks (VPNs) were not designed or intended for today’s data reality. This has led to issues such as complex setup and management, slow and unreliable connections, limited scalability, highly compromised and vulnerable networks and data and large, escalating costs. DH2i’s DxConnect was designed to work with DH2i’s DxOdyssey software to tackle legacy VPN, cloud-native and privileged user access security issues. DxConnect improves network security, was designed specifically for hybrid/multi-cloud operations, meets the scaling requirements of DevOps, IoT, containers and edge workloads, delivers faster performance, and it has an open API for integrations, analytics, visibility and compliance. A key problem it solves is it enables developers to build encrypted micro-tunnels that span isolated networks to connect containers for a secure multi-cloud service mesh. It also enables organizations to securely connect vendors to a specific cloud application without using a VPN.
“The major changes being driven by advancements such as IoT, edge computing, mobile, and cloud are creating conflicting demands for connectivity security. The traditional ‘Castle & Moat VPN drawbridge’ security model was not designed to meet those demands” said (analyst quote approval pending) 451 Research. “And while a wholesale rip-and-replace is certainly not recommended, enhancing legacy technology, such as VPNs, with an advanced Software-Defined Perimeter solution, such as DH2i’s DxConnect, would be a smart strategy when it comes to fortifying and unifying your organization’s connectivity security.”
“For decades, VPNs have been considered the go-to for network connectivity security. However, VPN technology is no longer able to fully protect today’s networks. In fact, it typically not only exposes sensitive data to increased security risk, but oftentimes multiplies those risks exponentially,” said Don Boxley, CEO and Co-Founder, DH2i. “DH2i’s new DxConnect was designed with an innovative yet flexible architecture to navigate today’s connectivity security challenges such as connecting microservices that are running on isolated networks. DH2i’s DxConnect supports what work looks like today and tomorrow.”
DxConnect Features and Benefits
Micro-Perimeters – Application-level micro-tunnels give network admins and developers the ability to create micro-perimeters to segment by application, not by network.
- Eliminates lateral network attacks
- Unifies HTTP, SSH and inter-microservice connectivity
- Users/services/devices get fast, direct access to applications and services
Discreet Invisibility – Randomly generated non-standard UDP ports for dynamic on-demand micro-tunnel communications.
- Virtually eliminates network attack surfaces
- Users/services/devices are cloaked and secured with no open ports
- Applications and services are invisible to “bad actors”
Multi-Cloud Ready – Designed to enable secure “from any host, to any host, anywhere” application data communications with application-level DTLS encrypted micro tunnels and Public Key Authentication.
- Scales across hybrid/multi-cloud environments
- Leverages native cloud platform capabilities
- Consistent policies and auditing across hybrid/multi-cloud
- No cloud vendor lock-in
Smart Availability – Dynamic movement of micro-tunnel gateways and application workloads with automatic self-healing fault detection and failover.
- Automates and orchestrates micro-tunnel and workload creation and location
- Enables an “always-secure and always-on” application infrastructure
Open API – Lightweight software with open API that runs on any Linux or Windows host.
- Enables secure interconnection to be built into a DevOps toolchain
- Supports Kubernetes, Docker, Chef, Puppet and more for scaling cloud-native apps
- Hardens existing network security infrastructure (e.g. MFA, SIEM, EMM, SSO) and paths to data and services
DH2i Company is the leading provider of multi-platform Software Defined Perimeter and Smart Availability™ software for Windows and Linux. DH2i software products DxOdyssey™ and DxEnterprise® enable customers to create an entire IT infrastructure that is “always-secure and always-on.” To learn more, please visit www.dh2i.com.