Local and Wide-Area Micro-Segmentation Made Simple
Tempered Networks’ Conductor is the orchestration engine and the intelligence behind an Identity-Defined Network – offering centralized control of your deployment. Now it’s easy to securely network anything, anywhere, across any LAN/WAN or cloud environment, with greater security and predictability than previously imaginable. Organizations are eliminating unnecessary CapEx and OpEx by accelerating the time to provision networking and security services, and reducing the cost for compliance and audits, saving them up to 25% of their IT budgets.
Available as a physical appliance, virtual deployment, or cloud deployment
Rapid Network Policy Orchestration
Built with an orchestration- and manageability-first mindset, The Conductor drives simple configuration of policy, collects metrics, and enforces explicit trust relationships through device-based whitelisting based on unique Cryptographic IDs issued to every distributed IDN endpoint (HIP Services). HIP Services enforce policy within the IDN Fabric, with no network traffic flowing through The Conductor.
Through a simple user interface (UI) you can now instantly connect, secure, move, or disconnect any IP resource globally, even traditionally non-routable endpoints. Securely managing even thousands of endpoints is now easy, practical and mistake-proof. Revocation of anything within the IDN fabric is instantaneous, with just a click of the mouse or via The Conductor’s RESTful API, reducing time to mitigation by up to 99%.
FIPS add-on available.
UI DEMO - THE CONDUCTOR
Create a network in 90 seconds
Simple management of your network
Orchestration in Action with SimpleConnect™ API
Through our secure API, it’s easy to integrate with other workloads, and security and networking services like directory services, SIEMs, and monitoring tools. Through simple integration with these detection systems, the possibilities are endless:
- Build event-based logic for real-time mitigation
- Flip traffic to another network or the cloud, in less than a second
- Remove and quarantine a compromised device out of hundreds of networks—instantly
- Re-direct suspect traffic to a lab for further analysis
Point-and-Click Simple: Create Secure Network Overlays in Minutes
Our powerful single-pane-of-glass orchestration engine minimizes network complexity and errors by reducing the need for complex internal firewall rules, ACLs, VLANs, VPN policies and key management, resulting in increased organizational responsiveness. The IDN platform is a seamless and non-disruptive overlay to existing infrastructure that easily traverses traditional switching and routing infrastructure across both LAN and WAN environments. Using the HIPrelay, end-to-end encrypted communication between systems that otherwise could not be routed to or peered directly with one another is now possible with a few mouse clicks.
Authorized hosts with provable cryptographic identities automatically register themselves with The Conductor. The administrator accepts new HIP Services and allows them to be managed within the IDN fabric, together with the device(s) each HIP Service is protecting. In this example, the ‘AWS_Germany_Central’ HIPswitch has been configured as a HIPrelay.
The final step is creating communication policy, which is point-and-click simple. Add the trusted devices you want to include and build explicit trust relationships by clicking the radio buttons. The Conductor authenticates and authorizes the HIP Services via their provable host identities, and then whitelists both HIPswitches to communicate with each other. This simple process replaces the multiple steps typically required for security and network configuration by IT staff.
The Conductor's Visual Trust Map shows an encrypted network overlay based on the instant policy creation shown above, allowing you to immediately validate policy, either between your protected devices, or between HIP Services. Unlike SDN and SD-WAN solutions, IDN seamlessly integrates separate layer 2 and layer 3 networks, overcoming previously impassable networking barriers such as multi-NAT or service provider Carrier-Grade NAT environments. It’s now easy to route encrypted traffic across any public, private, cellular, or cloud network, while maintaining proper isolation of all IP resources.