The new solutions on the CryptoFlow platform include:
CryptoFlow SafeCloud: end-to-end protection of enterprise applications being extended to public Clouds, including the market-leading public Cloud service. CryptoFlow SafeCloud provides a single point of control for protecting all communications among an enterprise’s public Cloud, private Cloud, data center and users. Security managers can set simple, point-and-click policies that enforce role-based access control to Cloud resources for all authorized users on any Windows, iOS or Android device. The enterprise directly controls all keys, protection profiles and role-based access policies.
CryptoFlow SD-WAN: end-to-end security of enterprise applications using the Internet or other open networks for software-defined WAN (SD-WAN) connectivity between applications and users. CryptoFlow SD-WAN permits enterprises to offload WAN connectivity from expensive dedicated WAN services to the Internet on per-application basis while maintaining full security control over keys and policies.
Both solutions are built on a breakthrough new solution component, the CryptoFlow skyBridge. A Cloud-based service from Certes, CryptoFlow skyBridge automatically connects users with applications without requiring any configuration or changes of the enterprise network or applications.
CryptoFlow skyBridge:
· Extends secure software-defined CryptoFlow virtual overlays across the Internet and other open networks.
· Extends the CryptoFlow role-based access control and security policy for any user to any application across the Internet to the Cloud or distributed sites.
· Automatically bridges encrypted traffic between users and applications, including applications in the Cloud or distributed sites. Traffic is encrypted from end-to-end so no application payloads can be accessed except by authorized end users.
· CryptoFlow skyBridge is bundled with Certes CryptoFlow solutions at no extra cost.
The new solutions expand on the market-leading Crypto-Segmentation capabilities of the CryptoFlow platform. Crypto-Segmentation provides strong cryptographic protection of application traffic on networks both inside and outside. Crypto-Segmentation isolates applications and contains breaches by completely blocking lateral movement when user credentials are compromised, hackers penetrate firewalls, or insider threats arise.
By enforcing role-based access control over all users for all applications, CryptoFlows ensure that users can access only the applications that they need to do their jobs. If a user is compromised, a hacker can gain access to only the narrow set of applications available to that user and the hacker is blocked from lateral movement to the more sensitive applications.
“We needed a flexible way to protect our sensitive networked applications to maintain compliance and meet our verifiable auditable stringent security requirements,” said Dominick Birolin, Senior Network Engineer / Cyber Security, at Essential Power Services LLC. “We were impressed with the business-centered and infrastructure-agnostic way that the Certes solution enables us to set security policies and enforce them with strong cryptography. The Certes solution makes it very easy for us to protect our applications end-to-end even on our internal networks, ensuring that if someone breaches our outer defenses, our most sensitive applications remain safe.”
“As breaches keep proving, today’s enterprise applications are only as safe as the least secure of the insider users or outsider users granted access to them,” said Satyam Tyagi, Certes Networks’ CTO. “When hackers compromise a user, they can very easily move laterally to the most sensitive applications. Crypto-Segmentation with our CryptoFlow solutions block that lateral movement, containing a breach and ensuring that a single compromised user does not put the entire enterprise at risk.”