|
Traditional networks are basically anonymous. Guests, employees, remote employees, contractors, partners and other users all need access to an organization’s network. Once on the internal network, regardless of rights to applications and directories, users can surreptitiously gain access to data. The increased use of VPNs, remote workers and web applications further render traditional network perimeter defenses ineffective, leaving internal networks vulnerable to attack.
Traditional firewalls protect the network perimeter from attack, but their use in securing data within the network is complex and limits the flexibility of the organization. Alternative solutions such as NAC and personal firewalls control admission to the corporate network and basic access control, but do little to secure data within the perimeter.
According to industry analyst Gartner, “adding identity awareness to a network enables visibility into user behavior and adds another layer of protection for critical resources.” *
An Identity-Aware Network Solution
EpiForce allows an organization to create an identity-aware network that protects data and network communications by isolating users, servers, clients and mission critical data into security zones, regardless of system platform or physical location. Access to these zones is based on policy and traffic is selectively encrypted. EpiForce provides flexibility and efficiency not available with traditional network security solutions.
EpiForce builds an identity-aware network through a software-based architecture that enables two critical disciplines:
- Logical Security Zoning Based on Identity controls access to resources by isolating users, virtual or physical servers and clients into one or more private communities without regard to their physical or virtual location. For increased flexibility, zones may be based on users, user groups, IP addresses or ranges, ports and geographic regions - almost any factor.
- Policy-Based Encryption of Data in Motion Based on Identity offers a superior alternative to the rigid all-or-nothing encryption approaches common today. It secures communications between users, VMs, physical servers and clients based on policies dictated by the security administrator.
EpiForce is centrally administered to manage security policies for users and systems from anywhere through a single console. Software resides on the server or client and is available for Windows, UNIX, Linux, VMware and LPAR systems. By operating at the network layer, it is transparent to users and applications – making EpiForce quicker to deploy and less costly to manage than security appliance solutions.
Related Case Studies
- Industry: Financial Services
Learn how a global financial institution achieves regulatory compliance without the cost of replacing legacy applications and sets foundation for next generation security architecture with Apani EpiForce.
>> Download
-
Industry: Insurance Services
Insurance company succeeds in complying with banking partner security compliance requirements, and makes no changes to the network infrastructure.
>> Download
- Industry: Healthcare
California Department of Technology Services (DTS) addresses HIPAA security compliance requirements and secures data-in-motion within its network with Apani EpiForce.
>> Download
*“Introducing the Identity-Aware Network”, Lawrence Orans, Gartner, 10 December 2008/ID Number: G00162947
|
|
What is EpiForce