Cybersecurity Mesh, mentioned in Gartner’s “Nine Trends in Cybersecurity Technology in 2021” released in October 2020, is another evolution of zero trust practices.
The domestic network security market is in a period of growth. Zero trust, as a network security concept for the new era, has also seen accelerating market recognition and adoption over the past year. According to data from MarketsandMarkets, the global zero-trust security market is expected to grow from US$19.6 billion in 2020 to US$51.6 billion in 2026, with a compound annual growth rate (CAGR) of 17.4% from 2020 to 2026.
In this regard, “Yiyun Technology”, established in 2019, believes that as identity has become the core element of threat analysis and judgment and of access control strategies in network security, the lack of identity elements in network protocols gives almost all threat analysis and access control products an insurmountable capability ceiling. According to reports, its product, the domain security cloud network, conforms to the network security grid concept proposed by Gartner. It can help customers break through physical network restrictions and quickly build a zero-trust security network on untrusted networks by injecting security capabilities natively into the underlying network protocol, allowing customers’ business networks to break through the ceiling of security capabilities and helping customers’ businesses continue to operate stably.
The ceiling of traditional network security
As global business moves to the cloud and 5G and other technologies spread rapidly, enterprise networks are becoming fragmented, network exposure continues to increase, network structures are becoming more complex, and security management is becoming more and more difficult. The traditional TCP/IP network did not consider the identity of entities in the network when it was designed; instead it uses the IP address to mark the subject and object of an access. In today’s fragmented networks, mobile office scenarios are increasingly common, and the widespread use of technologies such as network address translation (NAT) and dynamic address allocation (DHCP) makes the correlation between IP addresses and people and terminals weaker and weaker. All IP address-based security detection, threat analysis, and access control technologies have clearly run into an insurmountable capability ceiling.
- Identity authentication and authorization are out of touch with network access control
Most large-scale enterprises have deployed a unified identity authentication and authorization system (IAM), which centrally manages the entire life cycle of enterprise employee accounts and assigns access permissions for different services to accounts according to role and department.
However, traditional border access control systems perform network access control based on the field characteristics of network protocols, such as IP address, port number, protocol type, HOST, URL and other fields. These protocol fields in the network data packet have nothing to do with the identity of the network entity, which makes the identity-based authorization strategy impossible to implement directly in the actual network. Identity-based authorization policies are completely out of touch with network access control, which is the main reason why zero-trust networks are difficult to land in existing physical networks.
- People-based threat analysis is difficult
The nature of cyber threats is human threats. Traditional cyber attack detection and threat analysis systems mostly analyze the context of network behaviors based on network traffic characteristics, terminal logs or system logs, but the identity of the network visitor is not included in network traffic, terminal logs or system logs. This leaves systems such as SOC, UEBA, SIEM, and XDR empty-handed. The final analysis conclusion still only judges the threat posed by a certain IP address or terminal in a certain time segment; it does not represent a threat attributed to a person.
- Inefficient real-time threat disposal
The physical network is composed of a variety of terminals, servers, network devices, and security devices, and business access traffic flows between these devices. Since the data in the network does not contain information about people, even if a “plug-in” security system recognizes a security threat in the physical network, it is difficult to map it directly to a specific person or terminal. As a result, after seeing a threat alert, the security administrator often has no way to begin acting on it.
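The gap described in the three points above can be shown with a small added example (not from the article and not Yiyun Technology's code): the same flows are judged once by an IP-based rule and once by an identity policy, after resolving each source IP to whoever held its DHCP lease at that time. All addresses, user names, service names and record formats are constructed for illustration.

```python
from bisect import bisect_right

# Constructed sample data: DHCP leases as (start_ts, ip, user).
# Simplification (assumption): a lease lasts until the next lease for that IP.
LEASES = [
    (1000, "10.0.8.23", "alice"),
    (2000, "10.0.8.23", "bob"),      # same address reassigned to another person
    (1500, "10.0.8.40", "carol"),
]
# IP-based ACL written while alice held 10.0.8.23.
IP_ACL = {("10.0.8.23", "finance-db")}
# Identity-based policy, as an IAM system would express it.
ID_POLICY = {("alice", "finance-db"), ("carol", "wiki")}
# Constructed flow records: (ts, src_ip, service).
FLOWS = [
    (1200, "10.0.8.23", "finance-db"),
    (2300, "10.0.8.23", "finance-db"),
    (1600, "10.0.8.40", "finance-db"),
    (900, "10.0.8.99", "wiki"),
]

def build_index(leases):
    """Per IP, keep lease start times (sorted) and the matching users."""
    index = {}
    for start, ip, user in sorted(leases):
        starts, users = index.setdefault(ip, ([], []))
        starts.append(start)
        users.append(user)
    return index

def identity_at(index, ip, ts):
    """Return the user holding `ip` at time `ts`, or None if unknown."""
    starts, users = index.get(ip, ([], []))
    pos = bisect_right(starts, ts)
    return users[pos - 1] if pos else None

def evaluate(flows, leases=LEASES):
    """Return (ts, ip, user, service, ip_allow, id_allow) for each flow."""
    index = build_index(leases)
    results = []
    for ts, ip, service in flows:
        user = identity_at(index, ip, ts)
        ip_allow = (ip, service) in IP_ACL
        id_allow = user is not None and (user, service) in ID_POLICY
        results.append((ts, ip, user, service, ip_allow, id_allow))
    return results

def mismatches(results):
    """Flows where the IP rule and the identity policy disagree."""
    return [r for r in results if r[4] != r[5]]
```

Running `mismatches(evaluate(FLOWS))` surfaces the flow at timestamp 2300: the IP rule still permits `10.0.8.23`, but the address now belongs to a user the identity policy does not authorize.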
Network security grid creates a secure network base for enterprises
The implementation of zero-trust technology is rapidly iterating and evolving. Innovative solutions such as BeyondCorp, SDP, and SASE have enriched the technology implementation routes available to enterprises. According to Yiyun Technology, after more than a year of product polishing, the company released the first domestic network security grid product in early 2021: the domain security cloud network.
Cybersecurity Mesh is mentioned in Gartner’s “Nine Trends of Cybersecurity Technology in 2021” released in October 2020, and is another evolution of zero trust practices. Gartner predicts that by 2025, network security grids will support more than half of digital access control requests.
The network security grid is a modern security approach that includes deploying control measures where they are most needed, building an identity-based zero-trust network, and using identity as the security boundary. By providing basic security services and centralized policy management and orchestration functions, it lets many tools work together rather than having each security tool operate in an isolated environment. Today many IT assets are outside the traditional corporate boundaries. The network security grid architecture allows organizations to extend the coverage of security controls to distributed assets.
From the above description, the company summarizes the characteristics of the network security grid as follows:
1. Secure access anywhere, regardless of physical location;
2. Use identity as a security boundary (i.e., zero trust network);
3. Centralized policy orchestration, distributed policy enforcement;
4. Modular architecture design;
5. For cloud-native, API-based environments.
The two core features of the Trust Domain Security Cloud Network are:
1. Inject security capabilities into the underlying network protocols to achieve end-to-end encrypted access, reshape the shore area capabilities from bottom to top, and provide network layer guarantees for trusted access control, continuous monitoring, and threat tracing of the network;
2. A modular structure that lands as the cloudification of the network. The letter domain is a deployment mode in which multiple components are integrated in the cloud and on the ground. Deploying the letter domain components helps customers cloudify the existing physical network so that it is efficient, agile, flexibly expandable, and supports payment on demand.
The company believes that these two core points are also the core features of the network security grid, helping customers’ networks break through the physical network restrictions and achieve the smallest security boundary in a borderless network. Chen Kunpeng, CEO of Yiyun Technology, believes that there are many technological innovations in the domain security cloud network. It is a new form of cloud-based security network that integrates technical features such as SD-WAN, zero trust, and cloud services, and provides an identity upgrade for the corporate network at the bottom of the network. Through this change in the underlying capabilities, the extension of the enterprise network is no longer limited by the physical environment, which infinitely expands the security boundary of the enterprise network, and at the same time improves the threat detection and real-time management and control capabilities of the enterprise network.
It is also understood that Yiyun Technology received an angel round investment of tens of millions from Xianfeng (K2VC) in 2020. This round of financing is mainly used to increase investment in product research and development and market verification.
Its investor Li Kang believes that in the era of the digital economy, trust is a topic that cannot be avoided, and it is costly and difficult to reconstruct the trust system in the physical network. Yiyun Technology uses the network security grid method to help enterprises build a brand-new identity-based security network without changing the physical network. In this new network, every network data packet will carry identity information, and all security policies and threat analysis will be based on identity. Yiyun Technology adds an identity dimension to security at the bottom of the network, empowers the various security capabilities of the enterprise, and makes it very simple and efficient for the enterprise to reconstruct the trust system.
Currently, Xinyu Security Cloud Network has been deployed at many customers (such as Sinopec, VIPKID, Huobi).