Software Defined Perimeters (SDP) - The Gateway to Zero Trust Environments (ZTE)

Updated: Feb 18


Software Defined Perimeter (SDP)

An SDP is one of the pillars of a Zero Trust Environment (ZTE). It is network security architecture that delivers heightened security access to an organization’s applications. It does so by creating specific authorized security connections from each end user to the enterprise applications.

To complete the secure access, a client agent must be deployed on all client devices in order to access the servers being protected by the perimeter.


Why Is This Needed Now?

Consider the overall 2018 breach data:



By the time a cup of coffee has been consumed, greater than 15,000 records are in the hands of hackers, nation states, etc. The attack vectors are relentless and the attack surface is our intellectual property. Is this acceptable?


What is the source of the breaches?

No other source of data breaches came close to malicious outsiders in the first half of 2018. The number of records exposed by external attackers rose by more than 800 percent to over 2.4 billion records breached.


Unfortunately, the attacks are only increasing…up to 20 billion attacks per day[1], with 10 million new attack vectors surfacing per day. The task of protecting servers and communications is only getting more complicated and unmanageable from a Cybersecurity perspective.

If the statistics were not enough, consider the recent headlines:

  • Cyberattacks are the fastest-growing crime in the U.S. (Cybersecurity Ventures, 2017)

  • Seventy percent of businesses surveyed believe their security risk increased significantly in 2017 (Ponemon Institute, 2017)

  • In 2016, 95 percent of breached records came from three industries: government, retail and technology. (TechRepublic, 2017)

  • In 2016, around one billion accounts and records were compromised worldwide, or roughly three for every American citizen. (TechRepublic, 2017)

  • Around 24,000 malicious mobile apps are blocked every day. (Varonis, 2018)

  • IoT attacks were up 600 percent in 2017. (Varonis, 2018)

  • Ransomware attacks grow more than 350 percent every year. (Varonis, 2018)

  • The U.S. receives 18.2 percent of all ransomware attacks. (Varonis, 2018)

  • Ninety-two percent of malware is delivered by email. (Verizon, 2018)

  • How Chinese Spies Got the NSA’s Hacking Tools, and Used Them for Attacks (New York Times, 2019)

  • Hackers Have Been Holding the City of Baltimore’s Computers Hostage for 2 Weeks (New York Times. 2019)

  • In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc (New York Times. 2019)

  • 885 MILLION SENSITIVE FINANCIAL RECORDS EXPOSED ONLINE (Wired, 2019)


Organizations cannot sit idly by when it comes to the protection of their Intellectual Property (IP) and communications from Cybersecurity attacks. It’s clear that current methods and standards are not maintaining a security perimeter to protect your IP. A new approach is called for:


A Zero Trust Environment


NCoded Communications

Zero Trust Environment Overlay


The NCC ZTE Overlay is a design developed to complete the following objectives through new and unconventional proprietary technology:

  • Reduce Your Attack Surface

  • Secure User Access

  • Encrypt Data-In-Transit

  • Cloak Your Infrastructure from Evil Actors

The overall objective is to neutralize the adversaries.

Once completed, you will have established a Software Design Perimeter (SDP) cloaking your environment from being seen or accessible on the Internet by anyone. The Operational Technology (OT) security premise once the ZTE Overlay deployed is:


If they can’t see it, they can’t steal it!


ZTE in detail

The NCC Zero Trust Environment is a new security architecture definition to address the Cybersecurity environment of 2018+. It builds on the 2010 academic definition of a ZTE from Forrester Research addressing the 2018+ needs of the cyber industry.

It begins with a least-privileged access model, comprised of the following:

  • A security posture of default deny. A Zero Trust Environment must follow the mantra of:

Trust No One & Trust Nothing


  • NCC deploys and unconventional method of secure connectivity to the SDP: Trusted Node Communications (TNC). From the onset of execution, two trusted nodes on your network communicating with each other should have no implicit trust. Implicit trust must be earned through strong authentication between the two nodes through dual node interrogation and verification.

For more information about NCoded Communications please email Info@nccinc.com

[1] Cybersecurity Ventures, Feb 6, 2019.