As customers transition to the public cloud, the traditional IT “perimeter” has evolved and an edge firewall isn’t enough. With the dynamic nature of cloud assets and the threat landscaping evolving, you need a combination of network security and access control to truly provide a holistic infrastructure security and protect against such attacks. Our customers need to ensure to turn off port or IP access to services if they are not in use in order to prevent attacks (port-scanners, botnet etc)
We have had Dynamic Access (just-in-time access) feature for this exact use case in our platform. Admins and ops teams can get access to specific services for a pre-defined period of time, after which the ports are closed again, thereby reducing the overall attack surface of the service.
Now, we have made UI enhancements that allow you to get access to multiple services quickly and create custom access groups for unique access that your IT and ops teams require.
Below you see the capability to select multiple services and group them into an access group:
You can create a custom name for the group and select whether it is public or private:
It now shows up in the access group console where you can get access for the entire group on demand:
Finally, once done with the service, you can terminate the entire access group for convenience
Dome9 provides powerful active protection capabilities that serve as guard rails to protect your assets in the cloud. Stay tuned for more updates!