Software Defined Perimeter

Latest ResearchJoin Group
Software-Defined Perimeter (SDP) and Zero Trust
Software-Defined Perimeter (SDP) and Zero Trust


Join this working group
Software Defined Perimeter

What is Software Defined Perimeter (SDP)? 
Software Defined Perimeter (SDP) provides an integrated security architecture that is otherwise hard to achieve with existing security point products, such as NAC or anti-malware. It is designed to leverage proven, standards-based components, such as data encryption; remote attestation, mutual transport layer security, Security Assertion Markup Language (SAML) and X.509 certificates. Incorporating these and other standards-based technologies ensures that SDP can be integrated with an organization’s existing security systems. 

How other organizations are using SDP
Companies like Coca-cola are implementing SDP research into their vending machines, and Mazda is using SDP for their connected vehicles. Building Intelligence Inc. uses SDP in their access points for visitors, loading docks, and freight entrances to prevent terrorist attacks and theft.. 

Security challenges SDP helps address.
The initial objective of this group was to develop a solution to stop network attacks, such as DDOS, against application infrastructure. With the adoption of cloud services the threat of network attacks against application infrastructure increases since servers can not be protected with traditional perimeter defense techniques.

Software Defined Perimeter

This group is working to validate and protect the devices and connections on a network. The topics of group discourse are benefits, architectural references, and implementation of the SDP protocol.

Next Meeting

Dec 02, 2020, 01:00PM PST
Join the Meeting

Working Group Leadership

Jason Garbis Headshot

Jason Garbis

Junaid Islam Headshot

Junaid Islam

Bob Flores Headshot

Bob Flores

Juanita Koilpillai Headshot

Juanita Koilpillai

Join this working group

Cloud Security Research for Software Defined Perimeter

CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.

Software Defined Perimeter (SDP) Architecture Guide

Software Defined Perimeter (SDP) Architecture Guide

This architecture guide leverages proven, standards-based components to stop network attacks against application infrastructure. This guide will help enterprises and practitioners understand the economic and technical benefits SDP can provide. It also assists users in implementing SDP in their organizations successfully. After reading this guide you will understand how SDP can be used in different environments, and be able to successfully deploy SDP solutions based on the architecture recommendations.

Software-Defined Perimeter (SDP) and Zero Trust

Software-Defined Perimeter (SDP) and Zero Trust

A Zero Trust implementation using Software-Defined Perimeter enables organizations to defend new variations of old attack methods that are constantly surfacing in existing network and infrastructure perimeter-centric networking models. Implementing SDP improves the security posture of businesses facing the challenge of continuously adapting to expanding attack surfaces that are increasingly more complex. This paper will show how SDP can be used to implement ZTNs and why SDP is applied to network connectivity, meaning it is agnostic of the underlying IP-based infrastructure and hones in on se...

Software-Defined Perimeter as a DDoS Prevention Mechanism

Software-Defined Perimeter as a DDoS Prevention Mechanism

Learn how to use SDP as a tool to prevent DDoS attacks. In this document we demonstrate its efficiency and effectiveness against several well known attacks, including HTTP Flood, TCP SYN, and UDP Reflection. The primary target audience for this document are people in security, enterprise architecture, and compliance roles within enterprises. These stakeholders will be largely for the evaluation, design, deployment, or operation of DDoS prevention solutions within their enterprise.

Develop Custom Research with CSA

Work with CSA to develop custom research that aligns with your organizations internal initiatives. Oftentimes there are topics or domains of security that are lacking current best practices or guidance. Ensure your internal initiatives align with the latest developments within the cloud security community by collaborating with CSA. This benefit along with others, are open to CSA Enterprise Members. 

Webinars & Resources

Software Defined Perimeter Architecture Guide

SDP combines well-proven technical and architectural components to protect networked applications and infrastructure, more efficiently and effectively than with traditional network security tools. This webinar explains SDP and it’s benefits, as well as provides a preview of the architecture guide.

SDP – The Yellow Brick Road to Zero Trust

In this webinar, you’ll learn how a Zero Trust implementation using SDP is applied to network connectivity, meaning it is agnostic of the underlying untrusted IP-based infrastructure, and hones in on securing connections. The webinar will delve into the steps to implement SDP and facilitate organizations to defend from new variations of old attack methods that are constantly surfacing in existing perimeter-centric networking and infrastructure models.

Why it's Time to Kill Your VPN

VPNs are dangerous and overly complex. So why are we still pretending that VPNs are an effective security technology? Join this webinar if you are responsible for implementing Zero Trust or managing complex VPN environments. You will learn why VPNs cannot support your move to Zero Trust. Why managing VPNs is too complex for delivering granular access to a mobile workforce. And how eliminating VPNs can deliver Zero Trust secure access to the cloud, DevOps and third parties.

Blog Posts

The State of SDP Survey: A Summary
Software-Defined Perimeter Architecture Guide Preview: Part 4
Software-Defined Perimeter Architecture Guide Preview: Part 3

Press Coverage

Join this working group