New Tempered Networks Release Tackles PCI Compliance

Tempered says the new release provides a unified PCI security architecture for enterprise and government organizations.

PRESS RELEASE — SEATTLE – JUNE 19, 2017 – Tempered Networks, Inc. today announced that the new release of its Identity-Defined Networking (IDN) platform provides a unified PCI security architecture for enterprise and government organizations. The latest IDN platform release removes PCI systems and assets from scope through cloaking, micro-perimeter segmentation, machine authentication and authorization, and end-to-end encryption. These, and other controls, support Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. The company also announced that it has partnered with Coalfire Systems, a qualified security assessor, to test and validate Tempered Networks’ identity-based PCI micro-segmentation capabilities. A comprehensive report from Coalfire will be published by July 2017.

“A PCI compliant environment does not mean your network and assets are immune from attack, especially east-west lateral movement, which is why we continue to witness so many hacks of PCI compliant networks,” said Erik Giesa, VP of Products at Tempered Networks. “Hacks against healthcare organizations alone have increased by 63% in 2016, according to a recent TrapX report. These organizations are still relying on IP address-defined policies that are subject to spoofing. Instead, our approach unifies PCI compliance with security, giving customers the best of both worlds. By using cryptographic machine identities for enforcement, local and wide area micro-segmentation easily removes systems from PCI scope, while cloaking PCI segments from bad actors. This capability is also ideal for achieving HIPAA and NIST Cyber Security Framework (CSF) compliance.”

PCI compliance is essential to any organization that processes, stores, and transports payment card data. PCI DSS has strict guidelines that must be satisfied before any systems can be deployed. Tempered Networks’ IDN platform helps organizations meet these stringent requirements through local and wide-area PCI micro-segmentation, providing a level of isolation and containment previously unattainable. The IDN platform enables organizations to fulfill specific PCI requirements in the following ways.

PCI machine authentication, authorization, and whitelist orchestration. PCI-DSS requirements have been written with traditional networking and security technologies in mind. Because firewalls, VPNs, and other access control technologies base their segmentation policies on spoofable IP addresses and VLANs which can be traversed, traditional segmentation is not only permeable but error-prone. With Tempered Networks’ IDN software, access controls and policy enforcement are based on a machine’s provable cryptographic identity. Every PCI machine authenticates and authorizes to other authorized machines before data transport can be established based on a machine whitelist. The machines then encrypt all data in motion creating an unbreakable local as well as wide-area network overlay.

Simple and centralized PCI orchestration. With new Smart Device Group capability, administrators can easily create pre-defined group policies for specific IDN PCI overlays. Only machine authenticated and authorized hosts can communicate within an encrypted IDN overlay. Using Smart Device Groups, automatically adding PCI resources to specific segments is simple, consistent, and predictable. The IDN solution’s centralized orchestration engine, The Conductor, and its secure RESTful API makes PCI orchestration seamless and easy.

PCI-compliant controls and policy assurance. New PCI reporting capabilities created by the IDN solution help administrators ensure they have the proper controls and policies in place. To address policy guidelines for chain-of-custody requirements, the IDN solution ensures that only authorized administrative staff can access audit logs, which can be downloaded on demand by PCI auditors in an automated fashion.

Identity-based PCI micro-segmentation. Within the IDN fabric, the security and networking perimeter can easily be moved from the network edge to the PCI machines or hosts, creating hardened yet flexible secure micro-perimeters–without modifying existing infrastructure. Requirements for securing data-in-motion are addressed, since all whitelisted devices and associated traffic are automatically secured within PCI micro-segments using machine-to-machine AES-256 encryption. This capability supports PCI DSS v3.2 requirements across the LAN and WAN.

Reduce time spent on PCI audits. The IDN solution was designed with a manageability-first mindset, making ease-of-use through its intuitive orchestration engine a top priority. Because of this design principle, meeting PCI audit requirements is much simpler for IT personnel. Specifically, secure transport of logs, auditability of access to the system, traffic filtering, and audit reporting of system configuration changes, is easy using The Conductor and its new PCI reporting capabilities. Customers can reduce IT personnel time spent on PCI audits by 60 percent, on average.

“With Marcum’s PCI practice, we pride ourselves on not only helping customers achieve PCI compliance, but also focus on ways to improve their overall security posture while saving time and money in the process,” said Ted Carlson, President, Marcum Technology. “That’s why we’ve partnered with Tempered Networks and we’re excited about their new PCI compliance support. Not only does Tempered dramatically improve an organization’s security posture with unique capabilities like wide area micro-segmentation and cloaking, but the simplicity of their solution can reduce PCI personnel time by as much as 62 percent.”

Related Resources

Tempered Networks’ Identity-Defined Networking overview
New release of Identity-Defined Networking webinar – VP of Products
Identity-based PCI micro-segmentation overview

Availability

The new release of Tempered Networks’ IDN platform is available now. PCI enforcement and reporting are included in the platform at no additional cost. The Coalfire Systems lab validation report will be available by Q2 2017. Please contact your preferred reseller for more information or contact [email protected].

About Tempered Networks
Tempered Networks is the pioneer of Identity-Defined Networking (IDN), driving a new identity paradigm that basis trust on the host identity itself, not a spoofable IP address. Our IDN architecture unifies networking and security to overcome today’s complex and inherently vulnerable networks. We provide the industry‘s most extensible networking overlay fabric, with automated policy-based orchestration, making it simple to instantly connect or disconnect any IP resource with another, located anywhere in the world—on-premises, virtual or cloud. With IDN, local and wide-area micro-segmentation is now achievable and simple. It leverages your existing infrastructure, while eliminating future expenses on unecessary point networking and security products. For more information, visit www.temperednetworks.com.