“Tempered Networks gave us a fast way to deliver a simple and segmented network for our SWIFT systems, isolating them from the rest of the network. Now we have visibility and audit capability of all systems in our SWIFT environment, while meeting the security requirements with end-to-end encryption and micro-segmentation.”
Network Administrator, Large Financial Institution
In order to safeguard the broader financial community, the Society of Worldwide Interbank Financial Telecommunications (SWIFT) has produced a compliance framework; the Customer Security Program (CSP). However, the cost and complexity of meeting CSP requirements by deploying, maintaining, and auditing traditional IT solutions across separate enterprise and remote infrastructures is impractical, yet still doesn’t prevent hacker reconnaissance and lateral attacks.
People and Process Challenges
Our customers have eliminated the complexity, attack vectors, and costs associated with traditional IT solutions by adopting an identity-centric model for SWIFT environments that’s simpler and more secure. With IDN, you can transparently segment and control communications to, out of, and within your SWIFT environment to just the necessary systems required to function in minutes, rather than days or weeks compared to traditional IT solutions. And even better, the cost is a fraction of those alternatives. Now you can easily connect, inventory assets, and quickly mitigate attacks in real-time.
Our customer was able to securely connect and isolate their SWIFT systems from the general IT network. Unlike traditional IT solutions, with Tempered Networks their SWIFT environment is isolated across its own encrypted and segmented overlay network that can’t be violated. Because of the complexity and expertise required to restrict routes, deploy nested firewall rules, and restrict port forwarding across hundreds of subnets within a multi-NAT environment, deployment time for one site was estimated to take 50 days and be disruptive. With Tempered Networks' an IDN can be deployed in less than a day and creation of an encrypted overlay network can be performed in minutes.
*Traditional IT solutions are the use of firewall rules, NAC, VPNs, switch and router ACLs, digital certificates, cellular modems, VLANs, etc.
*FTE - hours worked by one employee on a full-time basis.
Tempered Networks’ scalable orchestration engine was designed to be extremely easy to use with no advanced technical training and requires little to no change to existing infrastructure. Unlike the many complex, fragile, and disruptive steps associated with traditional IT solutions, our customers eliminate complexity, cost, and attack vectors through point-and-click policy orchestration.
First, our overlay network transparently creates cryptographic machine identities for every IDN endpoint to eliminate spoofing.
Second, every protected devices' network connections are automatically authenticated and authorized between trusted devices before data transport and exchange. Our unique network-level authentication creates verifiable trust segments that can't be discovered or exploited.
Third, all connections are transparently encrypted and encapsulated enabling non-disruptive and secure traversal across any type of network - public or private. Every device can now be quickly connected and protected across any LAN or WAN, segmented across any network and made invisible to hackers.
Click to expand
Trusted end-to-end connectivity with point-and-click simplicity to add, disable, and revoke machines.
Click to expand
Challenges with Traditional IT Solutions
Solution with Tempered Networks