Moving network security at the speed of DevOps
When it comes to security, organizations are moving away from the virtual private network model, in which traffic enters through a central concentration point and has to traverse complicated-to-maintain backhaul lines. Instead, the more recent software-defined perimeters permit users and DevOps professionals to access multiple environments simultaneously. These cloud-native solutions allow a more sophisticated, layered approach to security: a full network platform that provides user access through a single security construct.
“[We’re] completely neutral to the underlying infrastructure [or] the geography; our solution acts the same … public, private cloud, bare metal,” said Holland Barry (pictured), senior vice president of cybersecurity at Cyxtera Technologies Inc. “It’s a unified policy framework that allows you to, whatever level of granularity you want, describe access from a user, even including ingredients from a third-party system.”
Barry spoke with John Furrier (@furrier), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during AWS re:Invent in Las Vegas. In addition to changing security trends, they discussed Cyxtera’s AppGate SDP offering. (* Disclosure below.)
Simplifying security access
One of the main issues with VPNs is that once a user is logged in, they have nearly unfettered access into the system, so malware can easily spread laterally. A software-defined perimeter, on the other hand, greatly reduces that attack surface by giving users access to only those items within the infrastructure for which they are vetted.
In simple environments, a VPN might be an appropriate approach to security, but when organizations are running multiple cloud workloads, on-prem data, and users everywhere, a VPN simply can’t keep up.
At AWS re:Invent, Cyxtera is focused on its new product, AppGate SDP, a secure access solution that allows simultaneous secure access to a multitude of environments. So if, for example, an AWS customer has 20 or 30 accounts, AppGate SDP can seamlessly allow connectivity with a very robust policy structure that can permit those developers and users to interact with those environments without VPN switching.
“[It’s a] real clean and sophisticated way to connect your users into your internal sensitive infrastructure,” Barry concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: Cyxtera Technologies Inc. sponsored this segment of theCUBE. Neither Cyxtera nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE