Zero Trust Network Access (ZTNA) is based on the philosophy of not trusting a device or a user until it is definitively authenticated. As our working environment is increasingly reshaped by mobile working, digitalization, the Internet of Things and the outsourcing of various services to the cloud, ZTNA must continue to be a key component of integrative IT security solutions in the future. The macmon SDP Suite takes this change into account.
macmon SDP has a very simple operating principle that makes it incredibly easy to use. With full transparency, the macmon SDP agent provides a highly secure authentication to the macmon SDP controller in order to check the identity of the user as well as the device and its security status. The SDP cloud controller is hosted in an ISO 27001–certified location in Berlin. Following successful authentication, the controller delivers the defined policy back to the agent via the encrypted connection. The policy contains all information about the accessibility of company resources. The system is also responsible for the intelligent control of the communication channels in order to avoid bandwidth constraints and to reduce latency as much as possible.
Secure and direct communication with:
Traditional local resources in the company network (A)
Resources in the private cloud (B)
Resources in the public cloud (C)
After successful authentication, the user has access to all the necessary resources. The user can either access cloud applications directly via single sign-on, or reach resources in cloud data centers via the macmon SDP cloud gateway. Local resources in the company network can also be accessed directly via a local SDP gateway. To provide secure communication, there are encrypted tunnels which, depending on the configuration, make only specific resources accessible. All cloud strategies are supported, including hybrid cloud, leaving companies free to pursue their roadmaps for migrating services.
It is possible to specify access requirements for each company resource and define whether identifying features and security configurations must be met in full or in part. For example, sensitive resources can only be accessed by a limited group of users with defined endpoints, while less sensitive resources are also available to authenticated users with employees' devices.
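The per-resource requirements described above can be modelled as a default-deny decision function. This is an added example, not macmon's policy format or code; the field names, group names, device IDs and posture checks are all hypothetical and the sample data is constructed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Session:
    # Constructed model of what is known after user and device authentication.
    user: str
    groups: frozenset
    device_id: str
    posture: frozenset  # security checks the device currently passes

@dataclass(frozen=True)
class ResourcePolicy:
    name: str
    allowed_groups: frozenset
    allowed_devices: Optional[frozenset]  # None = any authenticated device
    required_posture: frozenset
    min_posture: Optional[int] = None     # None = all required ("in full")

def decide(policy, session):
    """Default deny: return (allowed, reasons), listing every failed condition."""
    reasons = []
    if not (policy.allowed_groups & session.groups):
        reasons.append("user not in an allowed group")
    if policy.allowed_devices is not None and session.device_id not in policy.allowed_devices:
        reasons.append("device is not a defined endpoint")
    needed = len(policy.required_posture) if policy.min_posture is None else policy.min_posture
    met = policy.required_posture & session.posture
    if len(met) < needed:
        missing = ", ".join(sorted(policy.required_posture - session.posture))
        reasons.append(f"posture {len(met)}/{needed} met, missing: {missing}")
    return (not reasons, reasons)

# Constructed sample policies and sessions (all names are hypothetical).
CHECKS = frozenset({"disk_encrypted", "av_running", "os_patched"})
FINANCE_DB = ResourcePolicy("finance-db", frozenset({"finance"}), frozenset({"LT-0042"}), CHECKS)
WIKI = ResourcePolicy("intranet-wiki", frozenset({"staff"}), None, CHECKS, min_posture=2)

ALICE = Session("alice", frozenset({"finance", "staff"}), "LT-0042", CHECKS)
ALICE_UNPATCHED = Session("alice", frozenset({"finance", "staff"}), "LT-0042", CHECKS - {"os_patched"})
BOB = Session("bob", frozenset({"staff"}), "BYOD-7", frozenset({"disk_encrypted", "av_running"}))

if __name__ == "__main__":
    for s in (ALICE, ALICE_UNPATCHED, BOB):
        for p in (FINANCE_DB, WIKI):
            ok, why = decide(p, s)
            print(f"{s.user:6} {s.device_id:8} -> {p.name:14} {'ALLOW' if ok else 'DENY'} {'; '.join(why)}")
```

Returning every failed condition rather than stopping at the first gives the audit log the full reason for a denial, which matters when a device drifts out of compliance between sessions.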
✔ Individual policies can be defined at user level and device level
✔ Includes Cloud Identity Provider / Identity Access Management (IAM)
✔ Prevention of "account hijacking"
✔ Highly scalable for any number of users
✔ Global availability
✔ Hosted in Germany
✔ GDPR compliant