Challenge

THE PROBLEM 

A security gap in how the Internet operates: the inability to authenticate network traffic sources. Without authentication, unidentified and unauthorized users and devices can scan, probe and access networks and cloud services. This security gap is exploited in all cyber-attacks through the process of network scanning and reconnaissance, and it has been further exposed and magnified by cloud services, mobile connectivity, and the Internet of Things (IoT).

Solution

THE SOLUTION

Protecting against cyber-attacks is a business continuity and competitive issue that CIOs and CISOs need to proactively address. Deployed in enterprise & operational networks, and by cloud service providers to:

  • Isolate, and protect servers and cloud services from unidentified and unauthorized users.
  • Stop cyber-attacks by blocking scanning and reconnaissance - you can't attack what you can't see.
  • Segment networks and isolate IT and IIoT systems and devices to reduce risk and meet compliance requirements.

Government

Today, more than ever, government agencies need to provide a higher level of cyber defenses against the constant and nation state cyber-attacks.

SOLUTION: BlueArmor Transport Access Control (TAC) acts as a liaison between the chaos of the Internet and a government agency’s network, preventing all unapproved traffic from even knocking on the network’s front door, authenticating every network connection on the first packet. The result is an immediate and tangible reduction in the malicious, unwanted traffic that pose the bulk of cyber threats today.

Healthcare

Cyber security has become a dominant issue in healthcare. The high value of patient and proprietary information, often created and managed by legacy devices and systems that lack of effective security access controls, is exposing members of the healthcare continuum to an increasing threat of cyber-attacks.

SOLUTION: BlueArmor Transport Access Control (TAC) acts as a liaison between the chaos of the Internet and a government agency’s network, preventing all unapproved traffic from even knocking on the network’s front door, authenticating every network connection on the first packet. The result is an immediate and tangible reduction in the malicious, unwanted traffic that pose the bulk of cyber threats today.

IIoT and Utilties

Industrial Control Systems (ICS), the utility grid, and the Industrial Internet of Things (IIoT) tie together a wide range of devices and services, including many that are in the class of critical infrastructure. This growing number of endpoints connected to the Internet increases the cyber-attack surface – each class of endpoints and their cloud service provider infrastructure introduce new vulnerabilities and attack vectors.

SOLUTION: BlueArmor Transport Access Control (TAC) is well suited to protect distributed endpoints and their cloud services, given it works end-to-end across network and cloud boundaries, and that TAC works well in undefined topology networks. BlueArmor segments and isolates SCADA and IIoT devices and the cloud infrastructure that manages them, blocking scanning, discovery, and access from all unidentified and unauthorized devices and systems.

Hybrid Cloud

Cloud computing systems have the same vulnerabilities as your IT infrastructure, requiring security and risk management as well as meeting regulatory compliance and auditing requirements. However, the same security controls you use to protect your data center servers cannot be extended to protect your cloud infrastructure and services.

SOLUTION: BlueArmor allows you to build your cloud and enterprise network security controls around identity and move past the limitations of using network topology and addresses for network security. By authenticating identity during TCP session establishment, you are enforcing policy based on who you are, not on where you are coming from or how you got there.

Core features

  • Micro-Segmentation Using Identity: Network segmentation with identity-based access controls to block or allow network connections.
  • Adaptive Approach to Cyber Defense: Change the dynamic and render previously successful attack methods impotent.
  • First Packet Authentication: End-to-end, highly scalable and noninteractive authentication of network sessions at the transport layer.