Many IT organizations today have to manage distributed infrastructures that span multiple on-premises, datacenters and cloud IaaS locations. Because Banyan Access Tiers can be deployed independent of the underlying network and managed via the Cloud Command Center, they can be used to simplify access controls management and improve security for even the most complex environments.
An organization may have office and datacenter locations that are spread across multiple geographies. A common deployment model is to have 1 Access Tier per location, similar to the Isolated VPCs deployment for IaaS.
In an Multi-Region Datacenter deployment, we typically have:
*.myapp.corp.example.com) that is used in the fully qualified domain name (FQDN) for services in that location. You can create specific DNS entries for services that cannot follow this FQDN convention.
A key security benefit of this style of deployment is that we can eliminate almost all East-West lateral movement. Even if an attacker were to establish a foothold inside a location, they could not move laterally into another location.
In more complex deployments that involve multi-cloud or datacenter-cloud connectivity, organizations often choose to use dedicated links - such as AWS DirectConnect or Azure ExpressRoute Gateway - to enable connectivity.
Banyan’s Access Tiers can be integrated seamlessly into these types of complex network topologies as well, because they run independent of the underlying network.