Synopsys对此智能芯片IP保护与Citrix安全

“今天, no matter what a user is connecting to -- whether it's an enterprise datacenter, 云数据中心或SaaS服务, 我们希望这种连接是安全的和优化的,斯利拉姆·西塔拉曼说, 首席信息官, 在Synopsys对此对此. “这是至关重要的.”

乔傅, 工程和应用的IT总监, 增加了, “为了满足远程工作者的需求, our most important issue has been to determine how the team will approach Citrix安全工作区访问 and App protection policies,”他说. ”Citrix has been our primary access model for employees when they interact with applications hosted in our internal data centers, 或者以SaaS的形式交付,“福了. “Especially critical during the coronavirus pandemic and the resulting work-from-home situation, we have implemented a very stringent process for data protection and data transfer,”他继续. “思杰在这项任务中发挥了关键作用.”

新冠肺炎之前的剧情简介世界

在COVID-19爆发之前,Synopsys对此的安全是完全不同的. There was a ‘hard exterior shell’ that protected the environment from external threats, 而且还有横向的信任. 业务部门共享代码. 所有的计算都发生在数据中心.

随着Synopsys对此的发展,它的需求也在扩大. For example, Synopsys对此 had clusters of compute and storage that needed different types of protection. IT团队必须对谁可以访问保持警惕, and isolate the compute and storage relevant to special development that was taking place. That is when the team began to look at cloud computing and zero trust framework.

“我们现在正在研究允许Synopsys对此员工使用的多种云, 承包商, 客户, 合作伙伴, 以及这些组织之间相互合作的各种组合,”Sitaraman指出. “In all of these instances, we know that the only things we can trust are the things that we control. Citrix technology is critical because it provides single pane of glass visibility into the security of the entire environment.”

安全第一部分,零信任

西塔拉曼很快地描述了《新万博官网manbet下载》安全策略的第一部分. 他说:“我们的立场是,我们不能信任其他网络. 我们希望用户通过加密的渠道进入我们的数据中心. 思杰使我们能够做到这一点.“通过统一对我们所有企业应用程序的访问, Citrix不仅帮助加强了这些应用的安全态势, 但也有助于改善整体员工体验.

In the Citrix world, the definition of zero trust can be reduced to one axiom: “Trust no one.“任何用户或设备都不应该拥有对组织网络的默认访问权限, 工作空间, 或其他资源. 即使有人受雇于这个组织, 只有通过安全协议授权的用户才能被授予访问权限. Those protocols are based on identity, multi-factor authentication, and device posture.

“思杰零信任架构有助于防止恶意软件, 数据漏出, 或VPN入侵和攻击. Citrix安全工作区访问, 用户身份验证, 安全工作区是帮助减轻这些风险的机制,“Sitaraman澄清.

西塔拉曼指出,设备类型也不重要. “Synopsys对此不控制承包商或客户的设备. The company does, 然而, control the connectivity and the authentication,”他说. “以零信任的安全姿态, Citrix has uniquely positioned Synopsys对此 as an engineering company that really cares about both security and the employee experience we deliver.”

连接的端点

Now that the Citrix infrastructure 在Synopsys对此对此 enables users to connect securely from home, 客户的位置, 咖啡店, 其他企业校园设置等, 用户可以从任何地方安全地访问. Synposys管理着30多个接入点, 包括用于内网应用的VPN, 直接访问SaaS应用程序, Citrix虚拟应用程序和桌面网关点,”Sitaraman指出. “安全工作区访问有助于整合所有这些访问点. 这最终使Synopsys对此能够加强它的安全态势, 然而,, 同时, continue to provide the high quality employee experience that is so important to success.”

In order to support remote workers, many different types of users had to be managed differently. Workers 在Synopsys对此对此 were using a host of devices – in some cases “bring your own,或非托管设备——以访问应用程序. 了解潜在的安全漏洞, 该团队制定了应用保护政策以降低风险. 

多因素身份验证以及环境内部发生的情况

”We strongly believe in the importance of contextual policies and multifactor authentication (MFA),”Sitaraman说. “An inordinate number of global data breaches have been found to be related to weak passwords.”

Citrix experts believe that the strength of an organization’s security posture is determined by its weakest link – most often users’ passwords. One of the most common remedies proposed by Citrix security subject matter experts is to mandate MFA for external entry points. Because an attacker must know a secondary authentication factor in addition to a password, MFA可以防止密码泄露.

“一旦用户成功访问了我们的环境, we also want our IT team to be able to impose prudent controls – blocking copy-paste capabilities, 禁止文件下载或上传, 和更多的,”他继续. “然而,我们必须实现一个平衡. 我们绝不想对用户体验造成负面影响.”

安全第二部分——企业数据中心、云计算和SaaS

Synopsys对此安全策略的第二部分已经成熟. 在其企业数据中心中有一组Synopsys对此服务. 另一组服务通过SaaS提供商托管在云中. 用户分布在多个地点,以确保更好的服务. “这个想法是,无论你在世界的哪个角落, 或者如何连接回企业数据中心, 我们希望用户在连接应用程序和数据时有一个安全的优化体验,”傅说. And the company’s IT department ensures good connections for all of these users and capabilities in a secure and optimized manner.

正确的安全

它最大的客户之一, Synopsys对此团队测试并实施了一系列用户控制的解决方案. 这是有风险的, 然而, simply because users were the ones who actually had to put the security measures into action. 正是出于这个原因,该组织在其美国分部实施了Citrix.S. 安全设计中心. Now, thanks to the implementation of Citrix, security measures are in the hands of IT. 在这个特殊的例子中, the customer agreed that the choice of Citrix worked well to meet security and zero trust needs.

因为客户场景中的成功, 该公司将在自己的几个地方复制这一过程, 以及其他几个客户环境. 该团队还计划使用Citrix为承包商管理安全, 以及被授权在工程环境中工作的供应商.

Synopsys对此如何启用安全模型

The team is pleased with the fact that it has the ability to control how sensitive data is accessed and what actions users can take while accessing this data. “We may expand scope by segregating our internal business units so we can create the right security boundaries relevant to product lines and data. This way, we can ensure that we provide targeted service to different user groups,” explains Fu. ”, Citrix is an excellent tool to help us provide user access segregation and to deliver the customized services,”Sitaraman说.

“未来, 当我们能够在微软Azure中利用Citrix服务时, Azure主干将确保最短, 最优路径用于信息访问.”

概要-一个持续的旅程

“多年来,思杰一直在帮助Synopsys对此整合数据中心. We continue to grow those data centers – as well as to optimize the solutions in them. 现在工程师通过Citrix访问他们的应用程序和数据,”西塔拉曼说. “当然, 我们会加入其他的解, but Citrix will continue to be essential because it enables anyone who is authorized to connect securely from anywhere. We will keep expanding our environment with a solution that will translate well as we grow into various clouds and add Citrix工作区 technology.”

Citrix零信任架构有助于防止恶意软件, 数据漏出, 或VPN入侵和攻击. Citrix安全工作区访问, 用户身份验证, 安全工作区是帮助减轻这些风险的机制.
斯Sitaraman
首席信息官
Synopsys对此

行业

  • 技术

关键好处

  • Citrix安全私有访问 (formerly Citrix安全工作区访问) enables the Synopsys对此 team to securely manage data protection and data transfer, 尤其是对于远程工作的人.
  • Citrix端点管理 enables secure management of all devices from a single platform.
  • Citrix安全私有访问 helps Synopsys对此 to consolidate access points and tighten its security posture.
  • Citrix零信任架构有助于防止恶意软件, 数据漏出, 或VPN入侵和攻击.

Citrix产品