
Published 30th March 2009
On a traditional network, access is required by numerous users. Once on the internal network, regardless of rights to applications and directories, users can often covertly gain access to data. This worry is on the increase with the rise in remote workers, web applications and VPNs, which make it even more difficult to have an effective network perimeter.
Traditional firewalls can help to protect the network perimeter from attack, but using them to secure data within the network can limit the flexibility an organisation needs. On the other hand, NAC and personal firewalls control admission to the corporate network and provide basic access control, but fall short on securing data within the perimeter.
EpiForce, developed by Apani, operates at the network layer and is transparent to users and applications. It offers a solution to create an identity-aware network that protects both data and network communications by isolating users, servers, clients and mission-critical data into security zones, regardless of system platform or physical location. Access to these zones is based on policy and the traffic is selectively encrypted. This offers an organisation flexible efficiency.
The EpiForce software-based architecture enables two critical disciplines:
Logical Security Zoning Based on Identity controls access to resources by isolating users, virtual or physical servers and clients into one or more private communities without regard to their physical or virtual location. For increased flexibility, zones may be based on users, user groups, IP addresses or ranges, ports and geographic regions - almost any factor.
Policy-Based Encryption of Data in Motion Based on Identity offers a superior alternative to the rigid all-or-nothing encryption approaches that are common today. It secures communications between users, VMs, physical servers and clients, based on policies dictated by the security administrator.
EpiForce is quicker to deploy and less costly to manage than security appliance solutions and is centrally administered through a single console. Software resides on the server or client and is available for Windows, UNIX, Linux, VMware and LPAR systems.