Use Cases

Simple and Secure SWIFT Compliant Networks

Zero trust connectivity and micro-segmentation meets the
Customer Security Program (CSP) control requirements

What our SWIFT Customers Experience

50% Lower CapEx and OpEx
through network simplification

Complete Audits 50% Faster
without additional staff

90% Reduced Attack Surface
through cloaking, micro-segmentation, and encryption

See How a Prominent Bank Met SWIFT Requirements

The Challenge

Meeting Compliance Requirements is Costly and Complex

In order to safeguard the broader financial community, the Society of Worldwide Interbank Financial Telecommunications (SWIFT) has produced a compliance framework; the Customer Security Program (CSP). However, the cost and complexity of meeting CSP requirements by deploying, maintaining, and auditing traditional IT solutions across separate enterprise and remote infrastructures is impractical, yet still doesn’t prevent hacker reconnaissance and lateral attacks.

Network

Isolating SWIFT systems and restricting Internet access

Real-time mapping of all SWIFT network assets and communications


Security

Preventing credentials from being compromised

Inability to protect against horizontal L2-L4 network attacks

Lack of segmentation gives 3rd party vendors unfettered network access

People and Process

Multi-factor auth. is too complex for users

Complex audits of individual firewall rules, ACLs, and VLANs


The Solution

Simple Segmentation and Compliance for SWIFT Networks

Our customers have eliminated the complexity, attack vectors, and costs associated with traditional IT solutions by adopting an identity-centric model for SWIFT environments that’s simpler and more secure. With IDN, you can transparently segment and control communications to, out of, and within your SWIFT environment to just the necessary systems required to function in minutes, rather than days or weeks compared to traditional IT solutions. And even better, the cost is a fraction of those alternatives. Now you can easily connect, inventory assets, and quickly mitigate attacks in real-time.

Business Impacts of Traditional IT Solutions vs Tempered Networks

Our customer was able to securely connect and isolate their SWIFT systems from the general IT network. Unlike traditional IT solutions, with Tempered Networks their SWIFT environment is isolated across its own encrypted and segmented overlay network that can’t be violated. Because of the complexity and expertise required to restrict routes, deploy nested firewall rules, and restrict port forwarding across hundreds of subnets within a multi-NAT environment, deployment time for one site was estimated to take 50 days and be disruptive. With Tempered Networks' an IDN can be deployed in less than a day and creation of an encrypted overlay network can be performed in minutes.

Let Us Prove It

"Tempered Networks gave us a fast way to deliver a simple and segmented network for our SWIFT systems, isolating them from the rest of the network. Now we have visibility and audit capability of all systems in our SWIFT environment, while meeting the security requirements with end-to-end encryption and micro-segmentation.”

Network Administrator
Large Financial Institution

Zero Trust Policy Orchestration and Micro-Segmentation in Minutes

Tempered Networks’ scalable orchestration engine was designed to be extremely easy to use with no advanced technical training and requires little to no change to existing infrastructure. Unlike the many complex, fragile, and disruptive steps associated with traditional IT solutions, our customers eliminate complexity, cost, and attack vectors through point-and-click policy orchestration.

First, our overlay network transparently creates cryptographic machine identities for every IDN endpoint to eliminate spoofing.

Second, every protected devices' network connections are automatically authenticated and authorized between trusted devices before data transport and exchange. Our unique network-level authentication creates verifiable trust segments that can't be discovered or exploited.

Third, all connections are transparently encrypted and encapsulated enabling non-disruptive and secure traversal across any type of network - public or private. Every device can now be quickly connected and protected across any LAN or WAN, segmented across any network and made invisible to hackers.

Setting Policy

Point-and-Click Simple Management

Trusted end-to-end connectivity with point-and-click simplicity to add, disable, and revoke machines.
Visualizing Policy

Verify Compliance Quickly and Easily

The Visual Trust Map verifies connectivity and segmentation, delivering simple compliance reporting.

Zero Trust SWIFT Network Deployments

Get control of your SWIFT environment by segmenting and cloaking your network

Challenges with
Traditional IT Solutions

Lack of machine-to-machine encryption and verifiable micro-segmentation

Infrastructure dependencies introduce error and machine exposure to public Internet

Inability to quickly provide micro-segmented remote access to specific systems

Complex firewall rules, ACLs, VLANs, certificates, and VPN tunnels across distributed systems

Lack of real-time resource failover across LAN and WAN


Solutions with
Tempered Networks

Simple CSP compliance reporting

Isolated overlay networks that restrict Internet access

Instant secure connectivity for layer 2 and layer 3 networks with high availability and resiliency

Micro-segmentation and native end-to-end encryption across the LAN, WAN, and cloud

Ability to connect remote systems over any medium — cell, Ethernet, Wi-Fi, or radio

Real-time attack mitigation and resource failover across LAN, WAN, and cloud