Partner Program Overview
Designed to deliver unparalleled customer value and accelerated mutual growth by harnessing partner expertise and ColorTokens cybersecurity technology.Learn More
As the apocryphal tale goes, after a fruitless 10-year siege at the walled city of Troy, Agamemnon’s Greek army devised a cunning plan to get inside. They retreated, leaving only a massive wooden horse behind. Taking it for a gift or tribute, the Trojans wheeled their prize into the city. When night fell, the Greek soldiers hidden inside the horse slipped out and opened the city gates, allowing their waiting comrades to rush in and the rest is history.
History shows that successful attacks often exploit the weakest link. This was true for ancient stone fortresses as it is for today’s ‘data castles’ in the cloud or on-premise. The tactics behind some of the world’s most notorious security breaches are still in play in today’s digital age.
For a long time, companies thought they just needed to increase perimeter security strategies to adequately secure their internal systems. As history has shown for us, one Trojan horse can take down the kingdom.
Perimeter defense security as an all-encompassing solution is indeed a myth. While it acts as an organization’s first line of defense, it’s not the complete answer to security. As the cloud becomes more utilized, perimeter security will become less effective.
With the current dynamic and hybrid nature of the data centers and corporate networks spreading across multiple locations or cloud environments, there is no way one static perimeter control can secure all of them. Building a static perimeter for each data center/dynamic application environment is not operationally scalable. In addition, maintaining a consistent security policy implementation across each vendor and environment like VMware, AWS, Azure, GCP, KVM, Hyper-V, and so on, is even more challenging. Finally, the dynamic nature of short-lived workloads moving across environments makes it impossible to maintain the security posture using the classic perimeter security approach.
Due to the issues listed above, by providing security control at the perimeter, you will end up with very limited internal segmentation, ultimately leaving you with the following security blind spots:
The best way to secure a workload is by controlling the communication right at the workload instead of relying on the intermediary infrastructure like network or hypervisor. Every workload needs its own perimeter security (host-based), just like every cell in your body defends itself.
An effective solution to implement host-based should include:
Is your enterprise looking for a different approach to securing your workloads?