Since the beginning of the pandemic, the nature of and targets for cyberattacks have rapidly shifted from mere data and applications to critical infrastructure such as gas pipelines and food suppliers. Additionally, organizations that have been greatly impacted by the pandemic, including healthcare and educational institutions, have become more specifically targeted by threat actors.
As this new threat environment spans both the digital and physical worlds, employing a zero trust security strategy is now more critical than ever. In fact, after the latest string of attacks during the first half of 2021, President Biden issued an executive order aimed at improving cybersecurity for both public and private organizations. The order emphasized the importance of a zero trust approach.
A10 Network has enhanced its solutions to help customers meet and accelerate their zero trust strategies. Zero trust eliminates implicit trust from information technology systems, and is embodied by the maxim ‘never trust, always verify.’ It recognizes that internal and external threats are pervasive, and the de facto elimination of the traditional network perimeter requires a different security approach.
Every device, user, network, and application flow should be checked to remove excessive access privileges and other potential threat vectors. Multi-layered protection should incorporate controls, from i) foundational visibility into encrypted traffic streams to stop infiltration from ransomware, malware, and other common attacks, ii) application workload protection through segmentation and advanced user authorization and verification, and iii) sustainable user training in best practices to minimize risky behaviors.
Zero trust has become a major initiative for many organizations. Gartner observes, “the term “zero trust” has value as a shorthand way of describing a paradigm where implicit trust is removed from all of our computing infrastructure. Implicit trust is replaced with explicitly calculated, real-time adaptive trust levels for just-in-time, just-enough access to enterprise resources.”
Modernize network security for zero trust
A10 has made enhancements to its security and infrastructure solutions to strengthen zero trust architectures for digital resiliency.
- Infiltration visibility and protection – network and end-point infiltration visibility and prevention are foundational in protecting against encrypted ransomware, malware, and other malicious activities. Augmented TLS/SSL inspection management and deployment capabilities are available to aid in operationalizing visibility.
- Automated DDoS protection – application workload and infrastructure protection from escalating IoT, botnet and amplification threats with Zero-day Attack Pattern Recognition, using artificial intelligence/machine learning (AI/ML) technologies and new packet watermarking effectively mitigate malicious and unauthorized access.
- Granular operational micro-segmentation – network and infrastructure segmentation isolates flows and processes to reduce the attack surface and lateral movement. The A10 Thunder Multi-tenant Virtual Platform (MVP) on Dell Technologies provides strongly isolated instances, in addition to application delivery partitions (ADPs), efficient containerized instances, and other options to achieve operational isolation.
- Advanced user authorization and verification – user workload access protection prevents unauthorized and bot access with stronger identity access management (IAM) via multi-factor authentication (MFA) and new CAPTCHA capabilities now common on consumer websites. Organizations can use application delivery capabilities as a bastion host, for external and internal users, to provide identity-based and context-based Zero Trust Network Access (ZTNA) policies with specific enforced access rather than full network or tunnel VPN access.
- Real-time observability and central management – oversight into operational status and the ability to apply policy across multiple environments, including public, private and hybrid cloud infrastructures, reduce incident response times, human error, and complexity. Centralized analytics and management enhancements in A10 Harmony Controller apps include new IP tracing, granular access controls (RBAC), and more application usage views.
A10’s solutions, as part of a strong zero trust architecture, help security teams eliminate unnecessary risk and become more efficient. Default configurations, encrypted traffic, excessive privileges, lack of micro-segmentation and emerging attack vectors lead to exploitation by threat actors and need to be addressed. These A10 solutions are being adopted by our customers in service provider and enterprise markets.
“Customers are facing unprecedented increases in both threats and vulnerabilities along with a critical shortage of cybersecurity professionals. Now with threats crossing over into the physical domain, it is more critical than ever before to ensure safety, security and compliance. Service providers and enterprises are modernizing their security approaches as recommended by the zero trust security model to ensure digital resilience and successful business outcomes,” said Dhrupad Trivedi, president and CEO of A10 Networks.