ESP Dynamic Access Control
Dynamic Access Control makes security adapt to change
Security professionals find it hard to control access to and from specific digital resources in a constantly changing environment with a less clearly defined perimeter than a few years ago. Elemental's platform ESP makes it possible to dynamically control access to member hosts (computer systems) in predefined logical security groups by automatically enforcing data traffic control security policies.
Dynamically control access to your systems
Elemental Security Platform implements proprietary technology called Dynamic Security Grouping to do system access control dynamically which means as soon as changes in the security posture of a managed system take place. Access control is accomplished with data traffic control policies that are specifically targeted to a per-defined host group then automatically and continuously enforced by the Elemental system.
Dynamic Security Grouping is the automated process by which the Elemental Security Platform (ESP) manages the membership of host groups, and it is one of the key functionalities of ESP. ESP collects a variety of information about managed hosts, and transforms this information into host attributes that can be mixed and matched to create very broad or very granular host group definitions.
The variety and granularity of these host attributes allow you to create very different types of Host Groups which become the targets of your data traffic control policies to effectively block or permit access to these groups. These host groups can be created by geography, organizational responsibility or using technical attributes like: IP, MAC addresses, subnets, hostnames, etc.
Once the groups are defined, network and security admins do not need to take any manual steps to add or remove machines from the host groups. Groups' membership will be updated dynamically and continuously in response to detected changes in hosts' attributes, and results of the update will be recorded for tracking, enforcement and reporting purposes.
Access Control Policies
ESP Security Policies used to control access to host groups are composed of one or several data traffic flow or packet filtering rules like blocking or allowing specific type of traffic to go to or come from a specific group, IP address, interface, etc.
These are potent rules keeping unauthorized traffic away from strategic systems. Once deployed, these controls remain in place until the host's security posture improves or the admin releases the enforced policy.
Dynamic grouping and access control enable administrators to:
- > Assure that only approved hardware and software have access to key systems
- > Discover and contain new machines coming on the network
- > Restrict the ability of unauthorized or non-compliant machines to harm critical resources
ESP creates a more agile defense system that automatically adapts to changes, but also to new cybersecurity challenges.
ESP goes beyond system hardening by centrally controlling security trust zones.
ESP's enforceable traffic flow policies block lateral movement and facilitate a zero trust network architecture.