Edgewise Zero Trust Platform
Zero trust networking as a concept is easy to explain. But as a practice, it is hard to adopt. That is because network topology is almost impossibly complex. Behavior patterns are difficult to predict and protect, which makes the attack surface difficult to predict and protect. It is particularly difficult in an ever-scaling hybrid network infrastructure.
This is where Edgewise’s Zero Trust Platform comes into play. The solution that Edgewise offers involves the Edge Agent, the Edgewise Zero Trust Platform, and an API layer to facilitate traffic between the agent and the cloud platform. Our core technology is enriched with machine learning that analyzes data and learns network traffic patterns over time. In addition to this, it assesses risk by identifying network segments that include servers and services which communicate with each other. It recommends policies based on identified risk to enable protection with maximum coverage while minimizing attack surface exposure.
Our technology includes the following components:
Edgewise Policy Builder
Edgewise offers its core technology through a user interface with Edgewise Policy Builder. The user interface uses the API layer to protect network segments with a single click! (No, this not a gimmick!) All policies are built using the cryptographic identities of communicating software in customers’ environments instead of network attributes. This means that policies adjust as the segments scale, eliminating the need for administrative intervention.
Edgewise Advise Monitor
Edgewise Advise Monitoring offers monitoring capabilities that allow you to monitor network communication paths and the result of application communication attempts. The security events gathered from the network activities are retained in the Edgewise Cloud, providing the ability to inspect data at any time.
We also offer SIEM integration for Splunk through monitoring APIs. The APIs offer filtering capabilities, allowing administrators to focus on real threats.
Edgewise Risk-Based Security
There has been much discussion around the topic of risk-based security. However, the concept has been a challenge to implement in a practical way. The challenge has been in declaring the identity of the communicating software, the user, and the host, and also in identifying the threat agent.
Edgewise’s core algorithm involves verifying the identity of the communicating software, the host on which the software runs, and the user owning the software. This is further enhanced by its ability to identify risk posed by the threat agents.
Edgewise’s machine learning technology analyzes application communication patterns and flags malicious and multi-use software. The flagged threat agent or software can easily be evicted from the configured network segment!
Together, the features of the Edgewise Zero Trust Platform add up to blind spot detection, meaning that threats on your network can’t come out of nowhere, undetected, and cause a breach or disruption to services. Much like the blind spot detection that came with my new car, Edgewise’s technology allows network and security teams to do what they do best—ensure the uptime and availability of the network, in a secure way—without worrying about being hit by a bad actor.
On the road, you can’t prevent bad drivers from driving on the same streets as you do. But with Edgewise, you can stop bad software from communicating on your networks. Our “blind spot detection” and zero trust methodology mean that even if a bad actor gets onto your “networking highway,” they won’t be able to move laterally, introduce malware, or impact performance.
Just like it is sometimes uncomfortable to fully trust a new feature in your car, it is hard to adopt a new security paradigm such as zero trust. When you understand how a zero trust network is built, you will realize how important it is to fully protecting your network infrastructure.
I help build the Zero Trust Network Platform at Edgewise. We bring it to you as a service. I call it ZTaaS—Zero Trust as a Service. ZTaaS allows you to protect network segments with a single click while constantly adapting to topology changes both within and outside the segments.