Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

New Cloud Security Alliance Paper Explores How Enterprises Can Augment, Integrate DNS Systems With Software-Defined Perimeter (SDP) to Enhance Security

Security visibility, resiliency, and responsiveness can be improved by combining Domain Name Systems and enterprise-managed DDI systems with SDP

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, has published a new white paper, Integrating SDP and DNS: Enhanced Zero Trust Policy Enforcement. Drafted by the Software-Defined Perimeter (SDP) and Zero Trust Working Group, the document explores how enterprise DDI systems – which collectively refer to three core network services, namely Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and Internet Protocol Address Management (IPAM) – can augment and integrate with SDP to enhance organizations’ security, resiliency, and responsiveness.

Recommended AI News: Sitecore Reveals Updated Product Suite, Building on Technology Innovations Gained from Recent Acquisitions

DNS maps human-readable domain names (e.g., cloudsecurityalliance.org) to numerical internet protocol (IP) addresses. Setting and enforcing policy at the DNS layer isn’t compute-intensive and has the further advantage of being able to scale to millions. However, the ubiquity of DNS and the fact that it’s largely open, connectionless, and unencrypted, makes it a commonly exploited means of infiltrating malware into networks and exfiltrating data. Additional mechanisms are required for a fine-grained policy framework and enforcement to leverage the DDI database. DDI services can provide enterprises with visibility and control, and when combined with SDP can deliver considerably improved security and help organizations advance their Zero Trust security journeys.

Related Posts
1 of 40,714

Recommended AI News: Veriff Enhances Face Match with New Authentication Capabilities

“Integrating the three core systems that comprise DDI helps provide control, automation, and security for today’s modern and highly distributed networks. Tying together traditionally distinct systems for more holistic enforcement is a hallmark of the Zero Trust security approach, and DDI has the unique advantage of logging who’s on the network, where they’re going, and, more importantly, where they’ve been. Information security will always be multi-layered, and Zero Trust via SDP is an approach that benefits from integration with many other parts of an enterprise security infrastructure,” said Shamun Mahmud, senior research analyst, Cloud Security Alliance.

The paper explains how by integrating an SDP architecture with DNS, a strategy that results in improved security, organizations can leverage DNS as a Zero Trust network policy enforcement point alongside the SDP policy enforcement points and mine valuable DNS data for faster threat response by SDPs. Two use cases where enterprise-managed DDI integrates with SDP to improve security, contextual awareness, and responsiveness are included by way of example.

Recommended AI News: Syzygy Integration Releases iTAK in the App Store, a Cutting-Edge Situational Awareness App

[To share your insights with us, please write to sghosh@martechseries.com]

Comments are closed.