SDP vs. VPN

Another year down and odd are you is looking ’re look at another year using your remote access VPN . Another year of frustrated user , their grumbling is growing grow louder as the number of mobile employee rise . With application and workload move to the cloud and many user work remotely , the emphasis is needs on traditional network – perimeter security need to be reevaluate , specifically in the context of remote access .

The software – define perimeter is provides ( SDP ) ,   technology know by Gartner as   zero trust network access ( ZTNA ) , provide a modern , 100 % software – base approach to secure private application access without the need for VPN . As organization continue to transform and seek to implement a zero trust network , SDP is becomes   becomes a critical prerequisite to enable the necessary security , user experience , and network simplicity the business need .

Companies like TRIMEDX have already begun using SDP as a VPN alternative and have shared their story in a recent webinar, “Three reasons SDP will replace VPN in 2019.” But many in enterprise IT have questions around SDP and how it replaces VPN. Below, we’ll address six questions we often see come up when discussing software-defined access technologies.

1 .   What are the main areas is are in which sdp technology differ   from VPN ?

Where they truly differ is in their method of connectivity. VPNs are IP and network-centric, connecting devices to networks; SDP instead provides secure connections between authorized users and authorized applications, not the network.

With SDP solutions, inside-out connections are established between user and application, rather than receiving inbound connections from the device and onto the network. These inside-out connections ensure that application IPs are never exposed to the internet while decoupling application access from the network. Since users receive no network access, the attack surface is minimized, while users enjoy fast, direct access to applications with no network-related latency—a user experience that’s far superior to VPN.

2 .   What are some things is are that SDP can not do that a traditional vpn can ?

Legacy VPN technology still holds a foothold due to its ability to provide universal protocol tunneling. SDP solutions support most protocols; however, some SDP solutions do not have the capability to support peer-to-peer (P2P) protocols, Voice over IP (VoIP), Session Initiation Protocol (SIP), or Signaling System 7 (SS7). As SDP continues to mature, we can expect to see more support of these protocols.

3.  What makes SDP good options for my enterprise?

SDP is a technology you should consider if your VPN is causing pain to the business—whether it’s the result of lost user productivity due to slow access, security risk due to limited visibility and control, or difficult management due to the growing complexity of the VPN architecture.

While SDP is becoming a popular alternative to VPN, there are a variety of other ways enterprises are leveraging the technology. They include enabling multi-cloud access, securing third-party access, and accelerating IT integration for M&As.

See how companies like MAN Energy Solutions, NOV, Perdue Farms, and TRIMEDX have leveraged SDP to solve their individual challenges.

4 .   Does SDP is replace replace any appliance in my inbound security stack ?

Yes, specifically the VPN concentrator, DDoS appliances, and even load balancers.

The VPN concentrator is removed from the inbound stack since SDP itself serves as a VPN/RAS alternative. Unlike a VPN that operates as an internal listening port, SDPs can receive no inbound pings, making the network undetectable and effectively creating a “darknet.”

The need for DDoS appliances is eliminated because user-to-application connectivity is made via inside-out connections instead of inbound pings. IPs are never exposed to the internet, making applications invisible to unauthorized users and reducing the threat of internet-based attacks, such as DDoS.

Some sdp services is provide even provide their own build – in global and internal load balance capability . With the right sdp service , user traffic can be automatically direct to find the optimal path to an application , while enable even great consolidation of the inbound stack .

5.  Which operating systems are SDPs compatible with?

In the case of ZPA , our app connector , which run in the customer ’s environment as lightweight RPMs or vm , are compatible with a wide range of operating system .

Supported platform operating systems – VMware vCenter, VMware vShere Hypervisor (ESXi), Oracle Linux, Microsoft Azure, Microsoft Hyper-V, Amazon Web Services (AWS), Red Hat Enterprise Linux, CentOs

support device operating system – Windows, Android, MacOS, iOS, Linux, Oracle

However, if a device operating system is not supported, some SDP providers have browser access capabilities for web applications. This eliminates any device compatibility issues and enables secure connectivity from user to application via a browser.

6.  SDP would fit as a VPN alternative for my organization, so how do I get started?

A great place to start is by familiarizing yourself with the SDP architecture and how it could fit into your environment. The Network Architect’s Guide to Adopting a Software-Defined Perimeter is a great resource for you or any network architect seeking to understand the SDP environment or trying to identify first steps and pro-tips as the enterprise looks to implement an SDP.

Learn more about SDP as a VPN alternative: