Who would have thought that modern, software-defined access technology like zero trust network access (ZTNA), also known as a software-defined perimeter (SDP), would harken back to the days of the switchboard?
Back in 1876, Alexander Graham Bell was awarded the first U.S. patent for the creation of the telephone. The next step was figuring out how to connect callers to other callers at scale. In 1882, the world’s first multiple switchboard was created. It would serve as a highway for quick, private connectivity.
The idea was to be able to connect any particular group of lines with any other line within the switchboard. This meant that every operator had to be within reach of each line and that only the operator knew the phone number of the other party. Callers would tell the operator with whom they would like to speak, and the operator would then ring the correct party and establish a private connection between them, if appropriate. The telephone operators were tasked with keeping up with the changing volume of calls, so they needed the right equipment to answer calls 24 hours a day and meet customers' service demands. They would also record each call, including its length and destination, so that they could accurately bill the caller.
Fast forward to today. If you post your phone number on LinkedIn, recruiters will be able to call you, but so will anyone else on the internet. Unfortunately, this is the same way that incumbent security methods treat applications, which means they can introduce risk or unauthorized access.
Consider this. The purpose of an inbound VPN gateway is to secure the network via appliances that allow remote users to connect to it. This requires the IP address of a VPN concentrator to be exposed, because the concentrator sits at the edge of the network listening for inbound calls so that remote users can connect. But, similar to the LinkedIn example above, your information is also exposed to the internet.
A modern set of software-defined access technologies has been developed to enable connectivity to private apps without ever exposing them to the internet—instead, it makes them dark. Guess you could call it a highway for quick, private connectivity to internal apps. It’s called the software-defined perimeter (SDP), a technology that Gartner calls zero trust network access (ZTNA), and it works somewhat similarly to those switchboards of the past.
Here’s how software-defined access works:
Striking similarities, right? Even down to the ability to record detailed activity logs in real time and, in the case of SDP and ZTNA, auto-stream them to a SIEM provider for further analysis.
When it comes to security, SDP and ZTNA provide four key benefits:
Since this connectivity is delivered over a hosted cloud service, the ability to scale based on user volume is simple. This means there’s no need to buy more appliances and add to the inbound VPN gateway stack. And why would you? After all, most users aren’t even connected to the network.
Who would have thought that a concept developed in 1882 could still be relevant in a world where apps are moving to the cloud and remote users are connecting with personally owned devices on unprotected networks? But it is, and SDP proves it.
To learn how enterprises are using software-defined access technology, read about the Gartner CARTA security framework and find out what ESG Research says about SDP. You can also read about ZTNA technology in a newly released Gartner market guide.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Christopher Hines is head of product marketing for Zscaler Private Access and Zscaler App