Next Generation VPN
Securing Local Resources
The macmon SDP feature "Next Generation VPN" is used to control access to traditional local resources in the corporate network.
Devices or users that want to have access must have the macmon SDP agent installed, which establishes a connection to the cloud controller (macmon SDP Controller). In contrast to the classic VPN, both the agent and the user authenticate themselves at the macmon SDP controller. The SDP controller is provided by macmon and hosted in Berlin.
If agent and user are validly and successfully authenticated at the controller, the connection to the SDP gateway is established and access to the network can be granted. The gateway is usually located in the DMZ of the company. It can be decided which IP address ranges and which protocols the user is allowed to access. This results in segmentation: which user is allowed to access which internal resources with which device.
In addition to the identity, the security status of the end device used is also checked and included in the decision. With flexible policies, sensitive resources can be accessed depending on the security level.
Advantage of macmon SDP Over VPN
- Thanks to micro-segmentation, maximum reduction of the attack surface
- Individual policies can be defined at user level and device level
- Minimal maintenance and low operating costs thanks to SaaS
- „Split tunneling“ out of the Box
- Prevention of „Account hijacking“
- Highly scalable for any number of users
- Global availability
- Hosted in Germany & GDPR-compliant & german support
- Data center certified to ISO 27001
- Supporting Zero Trust with NAC for over 15 years