VPN Vulnerability Shows Need for Software Defined Perimeter

VPN vulnerability that shows the need for Zero Trust Network Access.

The Department of Homeland Security issued a warning last month about VPN packages from F5, Palo Alto, Pulse, and Cisco. According to Network World, these packages might fail to properly secure tokens and cookies. This could enable cyber criminals to break into and control an end user’s system.

Vulnerabilities like these reveal the need for modern technologies and techniques like Zero Trust and Zero Trust Network Access (ZTNA), also known as Software Defined Perimeter (SDP).

Zero Trust

Zero Trust goes beyond securing the boarders of a network to view even devices and users within a network as suspect. Part of how Zero Trust accomplishes this is by limiting access to network resources to only those who need them, verifying policy compliance, and both user and device identity.

This technique could have limited access to networks involved in these breaches, thereby mitigating or even preventing cyberattacks on these networks. Learn more about Zero Trust from Impulse’s article, What is the Zero Trust Model.

Zero Trust Network Access

ZTNA works to implement the Zero Trust model by limiting users’ access to only necessary resources. This can limit the access of possible cyber criminals exploiting vulnerabilities like the ones outlined by the Department of Homeland Security. ZTNA also relies upon methods of restricting access to resources until after device identity and compliance is verified. ZTNA solutions can often even go so far as segmenting networks to the point that there is a “perimeter of one” around each user on a network.

This means that methods like the one found by the Department of Homeland Security involving unsecure tokens and cookies would be less likely to work, as the security of devices is verified before network connection. Learn more about Impulse’s own ZTNAs solution on Impulse’s SafeConnect SDP Product page.

Are you a security superhero? Find out with Impulse’s Network Security Superhero Assessment!

Comments are closed.