Verizon Hides User Apps With New SDP Service
You can't hack what you can't find. That's the premise behind Verizon Enterprise Solutions' new Software-Defined Perimeter (SDP) service that uses a cloud architecture to create a virtual perimeter around the sort of enterprise network that knows no physical boundaries.
Verizon says that SDP service provides pre-authenticated, context-aware, secure access to enterprise applications. This means that the cloud-based service is the "public" face of every enterprise application; users must sign in and be authenticated by the SDP, which only then forwards the user transaction to the relevant application.
The concept of the SDP isn't new. It was initially developed from work on an approach known as a "Black Cloud" at the Defense Information Systems Agency in the mid- to late-2000s. Because all user authentication must go through the SDP, all DNS and IP address information for the application can be hidden from public view. This approach is an operational definition of "security through obscurity," a tactic that has its detractors but is widely used in military and enterprise applications.
Verizon SDP service is part of the broader portfolio of virtualized security services available from Verizon. The service includes, in addition to application authentication and obfuscation functions, a perimeter firewall, VPN termination and public key infrastructure (PKI) for the customer. (See Verizon Ditches Enterprise Cloud in IBM Deal.)
Verizon SDP has begun its rollout, and is currently available in the US, Canada, EU countries and Norway.