Building a Zero Trust Platform to Build an Adaptive Zero Trust Network

By Suji Suresh, Software Engineer — May 23, 2019

Two years ago, after taking a 4-year hiatus from writing software for security, I started to seek other opportunities. I wanted to get back to writing security software again. I had interviewed with several companies when my ex-colleague approached me about Edgewise Networks. The term “zero trust” was fairly new to me but it piqued my interest.

I had just purchased a new car. It included a few new safety features that I certainly did not have in my old car. One of the features was blind spot detection. I had never used it before, but blind spot detection quickly became one of the features I started to trust and rely on to ensure my safety as I navigated the crazy traffic in the Boston Metro Area. Today, I still use my peripheral vision as a complementary precaution when driving down the highway, changing lanes, turning, or traveling through an intersection, but there have been times when my peripheral vision did not spot a car that appeared from nowhere. The new technology did, though. Blind spot detection gave me an added layer of safety and allowed me to be on alert for drivers who could cause me harm as I drive from home to work, to the store, or wherever I choose to go.

After interviewing with Peter Smith and Harry Sverdlove at Edgewise, and hearing the story of what they were building, I drove back home thinking to myself, “How cool would it be if we were to apply the blind spot detection concept to building a network topology? More than coolness, it will certainly be safe!”

It has now been two years since accepting a development position at Edgewise. I am writing this blog to explain what it means to build a zero trust network with the Edgewise Zero Trust Platform.



Edgewise Zero Trust Platform

Zero trust networking as a concept is easy to explain. But as a practice, it is hard to adopt. That is because network topology is almost impossibly complex. Behavior patterns are difficult to predict, which in turn makes the attack surface difficult to predict and protect. It is particularly difficult in an ever-scaling hybrid network infrastructure.

This is where Edgewise’s Zero Trust Platform comes into play. The solution that Edgewise offers involves the Edge Agent, the Edgewise Zero Trust Platform, and an API layer to facilitate traffic between the agent and the cloud platform. Our core technology is enriched with machine learning that analyzes data and learns network traffic patterns over time. In addition to this, it assesses risk by identifying network segments that include servers and services which communicate with each other. It recommends policies based on identified risk to enable protection with maximum coverage while minimizing attack surface exposure.

Our technology includes the following components:

Edgewise Policy Builder

Edgewise offers its core technology through a user interface with Edgewise Policy Builder. The user interface uses the API layer to protect network segments with a single click! (No, this is not a gimmick!) All policies are built using the cryptographic identities of communicating software in customers’ environments instead of network attributes. This means that policies adjust as the segments scale, eliminating the need for administrative intervention.

Edgewise Advise Monitor

Edgewise Advise Monitoring lets you monitor network communication paths and the result of application communication attempts. The security events gathered from the network activities are retained in the Edgewise Cloud, providing the ability to inspect data at any time.

We also offer SIEM integration for Splunk through monitoring APIs. The APIs offer filtering capabilities, allowing administrators to focus on real threats.

Edgewise Risk-Based Security

There has been much discussion around the topic of risk-based security. However, the concept has been a challenge to implement in a practical way. The challenge has been in declaring the identity of the communicating software, the user, and the host, and also in identifying the threat agent.

Edgewise’s core algorithm involves verifying the identity of the communicating software, the host on which the software runs, and the user owning the software. This is further enhanced by its ability to identify risk posed by the threat agents.

Edgewise’s machine learning technology analyzes application communication patterns and flags malicious and multi-use software. The flagged threat agent or software can easily be evicted from the configured network segment!

Conclusion

Together, the features of the Edgewise Zero Trust Platform add up to blind spot detection, meaning that threats on your network can’t come out of nowhere, undetected, and cause a breach or disruption to services. Much like the blind spot detection that came with my new car, Edgewise’s technology allows network and security teams to do what they do best—ensure the uptime and availability of the network, in a secure way—without worrying about being hit by a bad actor.

On the road, you can’t prevent bad drivers from driving on the same streets as you do. But with Edgewise, you can stop bad software from communicating on your networks. Our “blind spot detection” and zero trust methodology mean that even if a bad actor gets onto your “networking highway,” they won’t be able to move laterally, introduce malware, or impact performance.

Just like it is sometimes uncomfortable to fully trust a new feature in your car, it is hard to adopt a new security paradigm such as zero trust. When you understand how a zero trust network is built, you will realize how important it is for fully protecting your network infrastructure.

I help build the Zero Trust Network Platform at Edgewise. We bring it to you as a service. I call it ZTaaS—Zero Trust as a Service. ZTaaS allows you to protect network segments with a single click while constantly adapting to topology changes both within and outside the segments.

 

Written by Suji Suresh, Software Engineer

Suji Suresh is a software developer at Edgewise and a proud member of the technical team responsible for architecting and designing the control plane for the Edgewise Zero Trust Platform. With over 15 years of experience in writing security software, she is excited to be a part of a high-energy team whose main goal is to help companies build a secure zero trust network topology.