Simple and Secure SWIFT Compliant Networks
Zero trust connectivity and micro-segmentation meets the
Customer Security Program (CSP) control requirements
What our SWIFT Customers Experience
Meeting Compliance Requirements is Costly and ComplexIn order to safeguard the broader financial community, the Society of Worldwide Interbank Financial Telecommunications (SWIFT) has produced a compliance framework; the Customer Security Program (CSP). However, the cost and complexity of meeting CSP requirements by deploying, maintaining, and auditing traditional IT solutions across separate enterprise and remote infrastructures is impractical, yet still doesn’t prevent hacker reconnaissance and lateral attacks.
Isolating SWIFT systems and restricting Internet access
Real-time mapping of all SWIFT network assets and communications
Preventing credentials from being compromised
Inability to protect against horizontal L2-L4 network attacks
Lack of segmentation gives 3rd party vendors unfettered network access
People and Process
Multi-factor auth. is too complex for users
Complex audits of individual firewall rules, ACLs, and VLANs
Simple Segmentation and Compliance for SWIFT NetworksOur customers have eliminated the complexity, attack vectors, and costs associated with traditional IT solutions by adopting an identity-centric model for SWIFT environments that’s simpler and more secure. With IDN, you can transparently segment and control communications to, out of, and within your SWIFT environment to just the necessary systems required to function in minutes, rather than days or weeks compared to traditional IT solutions. And even better, the cost is a fraction of those alternatives. Now you can easily connect, inventory assets, and quickly mitigate attacks in real-time.
Business Impacts of Traditional IT Solutions vs Tempered NetworksOur customer was able to securely connect and isolate their SWIFT systems from the general IT network. Unlike traditional IT solutions, with Tempered Networks their SWIFT environment is isolated across its own encrypted and segmented overlay network that can’t be violated. Because of the complexity and expertise required to restrict routes, deploy nested firewall rules, and restrict port forwarding across hundreds of subnets within a multi-NAT environment, deployment time for one site was estimated to take 50 days and be disruptive. With Tempered Networks' an IDN can be deployed in less than a day and creation of an encrypted overlay network can be performed in minutes.
"Tempered Networks gave us a fast way to deliver a simple and segmented network for our SWIFT systems, isolating them from the rest of the network. Now we have visibility and audit capability of all systems in our SWIFT environment, while meeting the security requirements with end-to-end encryption and micro-segmentation.”
Large Financial Institution
Zero Trust Policy Orchestration and Micro-Segmentation in Minutes
Tempered Networks’ scalable orchestration engine was designed to be extremely easy to use with no advanced technical training and requires little to no change to existing infrastructure. Unlike the many complex, fragile, and disruptive steps associated with traditional IT solutions, our customers eliminate complexity, cost, and attack vectors through point-and-click policy orchestration.
First, our overlay network transparently creates cryptographic machine identities for every IDN endpoint to eliminate spoofing.
Second, every protected devices' network connections are automatically authenticated and authorized between trusted devices before data transport and exchange. Our unique network-level authentication creates verifiable trust segments that can't be discovered or exploited.
Third, all connections are transparently encrypted and encapsulated enabling non-disruptive and secure traversal across any type of network - public or private. Every device can now be quickly connected and protected across any LAN or WAN, segmented across any network and made invisible to hackers.
Point-and-Click Simple ManagementTrusted end-to-end connectivity with point-and-click simplicity to add, disable, and revoke machines.
Zero Trust SWIFT Network Deployments
Get control of your SWIFT environment by segmenting and cloaking your network
Traditional IT Solutions
Lack of machine-to-machine encryption and verifiable micro-segmentation
Infrastructure dependencies introduce error and machine exposure to public Internet
Inability to quickly provide micro-segmented remote access to specific systems
Complex firewall rules, ACLs, VLANs, certificates, and VPN tunnels across distributed systems
Lack of real-time resource failover across LAN and WAN
Simple CSP compliance reporting
Isolated overlay networks that restrict Internet access
Instant secure connectivity for layer 2 and layer 3 networks with high availability and resiliency
Micro-segmentation and native end-to-end encryption across the LAN, WAN, and cloud
Ability to connect remote systems over any medium — cell, Ethernet, Wi-Fi, or radio
Real-time attack mitigation and resource failover across LAN, WAN, and cloud