SDP Autofence

An SDP continuously ensures only trusted devices, used by authorized users, can access trusted systems. The unified access solution protects internal/cloud networks and applications.
Authorized Users
Zero-Trust Model

SDP

Based on Zero Trust
Verify every request Cyber Protection
Authenticate First
Connect Second

VPN

Based on Implicit Trust
Unrestricted access Firewall Overheads
Connect First
Authenticate Second

Features

Principle of Zero Trust
Trust is not assumed. Trust starts from the level of 0, and this level increases or decreases depending on the security checks made by the SDP.
Identity Centric
Authenticate users on the basis of a complete user profile, not an IP address. The user profile contains details such as the user's role, privileges and location.
Principle of least privilege
As users prove their identity (by passing the security checks), their trust score increases. To gain access to resources of a higher privilege level, users need to pass strict security checks.
Build like a cloud, for the cloud
AutoFence SDP is designed to support cloud architecture. Unlike traditional network security, SDP has no centralized network choke point. The migration costs are also minimal as AutoFence SDP is completely compatible with corporate networks.

SDP Autofence Architecture

Client

A daemon installed on the user's device that periodically sends device information and user credentials to the Controller.

Controller

Where users are authenticated, policies are applied, and the trust score is generated.

Gateway

Brokers access to protected resources and assets

  • The user opens the client application to connect to the network and enters their credentials.
  • The client device sends device information and user credentials to the controller.
  • The controller evaluates the credentials and applies an access policy based on the context provided.
  • The controller issues a token, granting the user their individual network entitlement/access.
  • The access request is forwarded to the gateway, which brokers access to protected resources.
  • Once access is granted, all access to resources goes through an encrypted connection.
  • The client, controller, and gateway work together to monitor any changes or malicious activity.
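
The flow above as a minimal added sketch (not AutoFence code): a controller turns passed checks into a trust score and a signed entitlement token, and a gateway verifies that token before brokering access. The HMAC token format, the shared key, the three checks and the per-resource score thresholds are all assumptions; the page does not specify them.

```python
import base64, hashlib, hmac, json, time

# Assumption: controller and gateway share this key (constructed demo value).
SHARED_KEY = b"constructed-demo-key"
# Hypothetical policy: minimum trust score required per protected resource.
POLICY = {"wiki": 1, "payroll-db": 3}

def trust_score(ctx):
    """Trust starts at 0 and rises by one for each security check that passes."""
    if not ctx.get("password_ok"):
        return 0  # failed credentials: no trust, whatever the device reports
    checks = (ctx.get("password_ok"), ctx.get("device_enrolled"), ctx.get("mfa_ok"))
    return sum(1 for c in checks if c)

def issue_token(user, ctx, now=None, ttl=300):
    """Controller: evaluate context, then issue a signed, short-lived entitlement."""
    now = time.time() if now is None else now
    score = trust_score(ctx)
    claims = {"sub": user, "score": score, "exp": now + ttl,
              "allow": sorted(r for r, need in POLICY.items() if score >= need)}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

def gateway_allows(token, resource, now=None):
    """Gateway: verify the token first, broker the connection second."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        expected = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return False  # forged or altered token
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return False  # malformed token is treated as untrusted
    return now < claims["exp"] and resource in claims["allow"]
```

Because the client reports device information periodically, the controller can re-issue the token with a lower score when a check stops passing, and the short expiry bounds how long an older token remains usable.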

Why Zero Trust?

It is difficult to determine when to take action and how to take action in case of a cyber attack. A fast and automated plan of action is essential in case of a breach.
The average breakout
The average breakout time is 1 hour and 58 minutes. This means an enterprise has two hours to detect, investigate, and contain the threat.
1-10-60 rule
1-10-60 rule — detecting an intrusion within 1 minute, investigating within 10 minutes, and isolating or remediating the problem within 60 minutes.

Advantages of AutoFence SDP

End-To-End Protection

Tracking utilizing Access Control Engine, Control Plane, Endpoint-Level Encryption, and distributed policy.

Access Control

An attacker is unable to circumvent access controls and data protection, especially where it matters the most

Attribute the attack to an offending actor

Since the AutoFence SDP platform is designed to continuously monitor access to enterprise resources, tracing the footsteps of an intruder is possible.

A Secure Digital Business

The built-in Need to Know and Least Privilege access model ensures users can access only specified enterprise applications and systems, and only from authorized user devices.

Products to Protect Your Enterprise

DISM

DISM SecuReign

Succeed in the digital age with DISM's enterprise assets and team modeling framework. DISM can be used to organize key aspects of digital strategy and enterprise security such as asset catalogs, user management, and deployment operations.
IDS

IDS RouteTrace

An Intrusion Detection System (IDS) is a network security solution built for detecting malicious activities or policy violations. Security violations and other events are auto-logged to trigger monitoring workflows.
EPS

EPS EnforceEdge

Endpoint Security (EPS) safeguards client devices like tablets, mobiles, laptops, etc. It includes anti-virus, browser sandboxing, drive encryption and other solutions to secure remote users and devices.