Next Generation VPN
The macmon SDP feature "Next Generation VPN" is used to control access to traditional local resources in the corporate network.
Devices or users that want to have access must have the macmon SDP agent installed, which establishes a connection to the cloud controller (macmon SDP Controller). In contrast to the classic VPN, both the agent and the user authenticate themselves at the macmon SDP controller. The SDP controller is provided by macmon and hosted in Berlin.
If agent and user are validly and successfully authenticated at the controller, the connection to the SDP gateway is established and access to the network can be granted. The gateway is usually located in the DMZ of the company. It can be decided which IP address ranges and which protocols the user is allowed to access. This results in segmentation: which user is allowed to access which internal resources with which device.
In addition to the identity, the security status of the end device used is also checked and included in the decision. With flexible policies, sensitive resources can be accessed depending on the security level.