A PLATFORM-INDEPENDENT

APPROACH TO SECURE
MICRO-SEGMENTATION

Use Case Analysis

T
he threat landscape is constantly
Use Case Benefits
evolving. Data centers running
Zero-trust network with full visibility and
business-critical workloads need
control
proactive security solutions to protect
Proactive protection from APT, malware,
themselves from hidden and emerging and insider threats
threats. Reduced attack surface

Interoperability with legacy and cloud

Segmenting data centers, improving security, and
systems
ensuring compliance constitute the best strategy
to protect against threats, but implementing this
strategy can be time-consuming and challenging.

Over the past decade, enterprise IT environments have grown from bare metal servers into hybrid
setups consisting of public and private clouds. Even after investing in several high-capacity firewalls
and intrusion detection systems, enterprises constantly worry about Advanced Persistent Threats
(APTs) and security breaches that may be lurking ‘undetected’ in the data center.

ColorTokens enables software-defined, platform-independent application micro-segmentation in

minutes, reducing the attack surface and improving the overall security posture of your data center.

ColorTokens Technology
ColorTokens software-defined micro-segmentation is a paradigm shift in data center security.
It brings the focus on end-users and applications. This operational principle makes ColorTokens
agnostic to firewalls, virtual machines, and private and public cloud infrastructure, and capable of
securing dynamic application workloads spread across bare-metal and cloud data centers.

User access to applications and communication between workloads, within and across segments,
is facilitated using security policies.

The policies are defined using abstractions, and not by IP addresses or VLAN memberships. This
makes ColorTokens environment separation adapt to dynamic application environments, providing
unparalleled operational ease and security.

© 2018 ColorTokens, Inc. - All rights reserved. 2101 Tasman Drive, Suite 201, Santa Clara, CA 95054 1
Protect
A Platform-Independent
Workloads From Approach
Lateral Threats
To Secure
In AnyMicro-segmentation
Public, Private, Or Hybrid Deployment Use Case Analysis
Brief

How Does ColorTokens Work?

ColorTokens has two main components
– ColorMaster and Trust Agent.

ColorMaster provides a single-pane of glass

for your hybrid data center, and it is the main
console that provides all administrative functions
including cross-segment traffic visibility, analytics,
and security policy simulations and enforcement.

Trust Agent is a light-weight software agent that is deployed on resources to be protected. These
agents are hardened, non-disruptive, and never come in the traffic path.

Secure Micro-segmentation Using ColorTokens

Let’s consider a scenario where you wanted to segment and isolate the HRM Web, application and
database servers located in a production environment. With ColorTokens, you can create reusable
security policy templates and access parameters that can be applied on the resources you want to
segment and protect.

Access parameters

© 2018 ColorTokens, Inc. - All rights reserved. 2101 Tasman Drive, Suite 201, Santa Clara, CA 95054 2
Protect
A Platform-Independent
Workloads From Approach
Lateral Threats
To Secure
In AnyMicro-segmentation
Public, Private, Or Hybrid Deployment Use Case Analysis
Brief

Security Policy Templates

After defining the security policies and resource access parameters, you can create an HRM
application for segmentation. With ColorTokens intuitive interface, you can assign the corresponding
server roles to the HRM Web, application and database servers based on abstractions. You can then
apply the three-tier security policy template based on PHP and MySQL over this application.

HRM application defined with the 3-tier security policy template

Note that when a policy is applied on the application, it is by default in the defined state; all
connection attempts and violations are reported (i.e. simulated), but no action is taken until
enforced. This state is very useful as you may want to simulate or even test out this security posture
before enforcing it – without affecting anything on the network.

© 2018 ColorTokens, Inc. - All rights reserved. 2101 Tasman Drive, Suite 201, Santa Clara, CA 95054 3
Protect
A Platform-Independent
Workloads From Approach
Lateral Threats
To Secure
In AnyMicro-segmentation
Public, Private, Or Hybrid Deployment Use Case Analysis
Brief

Micro-segmentation – Traditional vs ColorTokens

Traditional ColorTokens

Segmenting using subnets – define Reusable security policy templates,

separate policies for every subnet and
configure the VLANs and ACLs.
Cumbersome. Takes hours!
Segmenting using VMs – VMs located
on the Hypervisor are not platform
agnostic and do not communicate
with other resources in a multi-vendor
environment. Also, the Hypervisor
must be protected to comply with the
enterprise security policy.
Too many moving parts!
server roles and resource access
parameters - Automate security
Definable business applications
mapped to server roles, security and
connection information – Simplify micro-
segmentation
Segmentation across clouds in hybrid
deployments – Future-proof.
Platform agnostic implementation
– Interoperability.

Segmenting using firewalls – Must Zero-trust network with full visibility and
provision for capital-intensive advanced control – Limited attack surface
firewalls to segment the network and
ensure that there’s no performance
degradation in data throughput. Also,
there is no escape from creating and
managing thousands of firewall rules.

© 2018 ColorTokens, Inc. - All rights reserved. 2101 Tasman Drive, Suite 201, Santa Clara, CA 95054 4
Protect
A Platform-Independent
Workloads From Approach
Lateral Threats
To Secure
In AnyMicro-segmentation
Public, Private, Or Hybrid Deployment Use Case Analysis
Brief

ColorTokens Products
ColorTokens Unified Security Platform, based on the zero-trust architecture, can see, stop, and
predict security and compliance violations across any workload, any deployment, and any user.

ColorTokens Unified Threat Visibility and Analytics (ColorTokens Visibility)

Provides comprehensive visibility across all workloads, servers, containers and distributed
endpoints and users, including special purpose systems like ATMs and kiosks. This layer
provides actionable intelligence: topology and interaction of apps and the underlying
infrastructure. Security operators can look at the risk posture, analyze security vulnerabilities
and their impact on the network. You can audit traffic from VLANs/ACLs and are more confident
about your security posture.

ColorTokens Unified Intent Based Enforcement (ColorTokens Intent Enforcement)

Create zero-trust environments by enforcing resource access policies specific to individual
network segments. Using micro-segmentation with residual risk metrics, and with policy
simulations and enforcement, enterprises can visualize ‘what-if’ scenarios for accurate policy
deployments or to even probe the resiliency of the hybrid data center.

ColorTokens Identity based enforcement (ColorTokens Secure User)

Implement zero trust based on user identity and control user access to application workloads
in a cloud or on-premise servers. Reduce the attack surface on critical infrastructure due to
lateral movement of malware that piggybacks on office users and BYOD. Get granular visibility
into unauthorized workload accesses or anomalous user behavior. This deep insight further
simplifies compliance and forensics investigations.

ColorTokens Radar360 (Advanced Signature-Less Endpoint Security)

ColorTokens Radar360 is a signature-less security solution that works at the kernel level to
detect, alert and prevent unauthorized processes from running on your end-points, special
purpose terminals and critical servers. Radar360 comes as an ultra-lightweight agent and
deploys in under five minutes on Windows and Linux desktops and servers, instantly enabling
process-level visibility and control for enterprises.

About ColorTokens

ColorTokens is a Silicon Valley company, backed by legendary investors and advisors who have
helped structure the IT industry over last 30+ years. ColorTokens’ core team brings deep and
innovative industry experience from brands such as Cisco, Juniper, VMware, Microsoft, and Zscaler
in domain areas including cybersecurity, networking, and infrastructure. With customers and
partners worldwide, ColorTokens is headquartered in Santa Clara (Silicon Valley), CA, USA with a
major center of development and sales in Bengaluru, India.

For more information about the ColorTokens

solution email us at sales@colortokens.com
Call +1 (408) 341-6030 to speak to a
ColorTokens security specialist.

© 2018 ColorTokens, Inc. - All rights reserved. 2101 Tasman Drive, Suite 201, Santa Clara, CA 95054 5