
dcBOX
Who are we?
Managed service for a simple and secure connection of business headquarters to the cloud and computer centers, through platforms that define and implement the company's security policies and advanced IT operations and information security services, dedicated to the maintenance, support and continuous improvement of perimeter networks.
Product Benefits
- Integrated solution for perimeter security services.
- Simple adoption of the zero trust network framework.
- Standardization of the enterprise security model.
- Agile integration of industry recommendations.
- Continuous patching and vulnerability scanning.
Zero trust provides a set of principles and concepts in which policy decision points (PDPs) and policy enforcement points (PEPs) are encouraged to move as close as possible to the resource to be protected. The idea is to explicitly authenticate and authorize all subjects, assets and workflows that are part of the enterprise.
In the abstract model shown in Figure 1, an individual needs access to an enterprise resource. Access is granted through a policy decision point (PDP) and a corresponding policy enforcement point (PEP).
Zero Trust Model
NIST Special Publication 800-207 (August 2020)
3.1.2 ZTA Using Micro-Segmentation
An enterprise might decide to implement ZTA based on a single network on which individual or clustered systems are placed and protected by a network security appliance. In this approach, the enterprise places infrastructure devices, such as manageable switches (or routers), next-generation firewalls (NGFWs) or specific-purpose network devices, to act as PEPs, protecting each resource or small group of related resources.
In order to implement the zero trust recommendation, as defined by NIST, dcBOX implements the following design principles:
- Granular service segmentation
- Minimal port publication
- Authentication to service networks
- Role-delimited access
- Centralized and continuous patching
- Critical service asset management
- Visibility and monitoring of alerts
- Continuous vulnerability scanning
Cloud-native support
- Connection to productivity services (Office 365) and user device management (Azure Endpoint Manager).
- Connection to business applications available in the public cloud and enterprise computing centers.
- Secure access to infrastructure services (PBX, wireless networks, meeting rooms, etc.).
- User interface for health control of the services that support the operation of one or more sites.
Technologies integrated into dcBOX
As part of the standard suite of solutions that are part of the product, dcBOX offers the following scope, which can be modified as part of the initial implementation:


