Change management of traditional network security controls is a slow and cumbersome process, often involving manual ticketing for mundane tasks such as the addition of a port on a firewall rule. Address-based controls hinder application agility and add complexity in private, enterprise-managed network segments. This drag is compounded to the point of paralysis in public cloud environments where the network is beyond the organization’s control.
With Edgewise, security policy is based on application identity rather than controlled by IP address and port. Only the applications you authorize can talk on the wire; they can only do so when they’re in the environment where you expect them, and can only communicate with their authorized and cryptographically-identified dependencies. In this world, you deploy policy once, segment your topology once, and deploy software into it forever. No more late night firewall changes. No more change-control board. No more untested rollback plans. No more urgent alerts about a blocked port on a firewall because someone else didn’t understand what software was talking on that port, or why.
The Edgewise agent is deployed into all phases of your deployment pipeline. Once on your hosts or workloads, Edgewise automatically maps the application topology and recommends security policy based on normative modeling of observed behavior. Edgewise enables application owners and developers, DevOps, network and security teams to collaborate in a single control plane, using a single source of truth. Zero Trust all the things, with Edgewise.