Zero Networks Innovates Remote Procedure Call Firewall Capabilities to Protect Domain Controllers
June 27 2024 - 7:45AM
Business Wire
Now offered as part of their network
segmentation solution, Zero Networks RPC Firewall mitigates 95% of
domain controller's attack surface with no operational downtime
Zero Networks, a leading provider of zero trust security
solutions, is now offering enhanced Remote Procedure Call (RPC)
Firewall capabilities within the Zero Networks platform. Already
trusted and validated by the open-source community since its
initial release, Zero Networks has enhanced its integrated RPC
Firewall offering with additional benefits including RPC protection
in one click, integrated RPC auditing, and automated RPC rule
creation.
As the underlying protocol used by Microsoft services for both
local and remote communication, such as Active Directory, RPC
exposes functionality related to authentication, user management,
service management, and more. Unfortunately, it is also widely used
by attackers to deploy ransomware for the same reasons. This is a
challenge for sensitive servers, such as domain controllers, which
must have RPC ports open for the domain to function and are often
left unprotected and easy to hack.
While traditional firewalls work at the network and transport
layers, the Zero Networks RPC Firewall functions at the application
layer. This allows the RPC Firewall to examine the full context of
RPC operations and to make granular decisions over which RPC
operations to allow and which to block. The availability of RPC
Firewall within the Zero Networks platform significantly reduces an
organization’s attack surface and protects against a variety of
attacks, including lateral movement, remote code execution,
internal discovery, relay attacks, and more.
“RPC Firewall is one of the defenses that an attacker never
expects – not only are they blocked from performing unprivileged
operations, but attackers are also blocked if they gain privileged
credentials,” said Sagie Dulce, VP Research, Zero Networks. “We are
uniquely protecting domain controllers and other sensitive servers
from lateral movement and remote code execution in ways that no
other solution offers. Out of the box with no interruptions to
operations, approximately 95% of the domain controller attack
surface is mitigated by RPC Firewall. Zero Networks puts a firewall
over the RPC so you can decide which RPC operations you’re allowing
in your environment and which ones you’re locking down.”
“Using the RPC protocol, we successfully deployed the RPC
Firewall for our customers to minimize lateral movement in Windows
networks,” said Martien van Dijk, Cybersecurity Specialist for
Avantage IT, “The Zero Networks RPC Firewall also makes spreading
malware – such as ransomware – via the RPC protocol nearly
impossible, and it can finally block DCSync attacks. Our pen tests
have shown that the RPC Firewall is an enormously powerful tool for
blocking lateral movement via RPC. The RPC Firewall is a real
headache for pen testers and, therefore, for criminal hackers!”
The Zero Networks platform has three key pillars: Network
Segmentation, Secure Remote Access, and Identity Segmentation. RPC
Firewall is purpose-built into the platform’s network segmentation
solution, which is agentless, automated, and MFA-powered. Zero
Networks platform users can now rely on RPC Firewall to protect
against unwarranted RPC operations while allowing legitimate and
crucial RPC traffic to flow, enabling critical services such as
domain controllers, certificate authorities, federation services,
and others to function.
To learn more and schedule a demo of the RPC Firewall, please
visit: https://zeronetworks.com/rpc-firewall-demo-request. Zero
Networks will also be at Black Hat USA; visit us at booth 2060 on
August 7-8, 2024.
About Zero Networks
Founded in 2019, Zero Networks is a simple, fully automated
platform for zero trust segmentation and remote access. Zero
Networks’ microsegmentation offering is automated, agentless and
MFA-powered to stop lateral movement and block ransomware. The
Identity Segmentation solution provides unprecedented control of
admin and service accounts, to enable the principle of least
privilege. And the advanced ZTNA solution allows an enterprise to
securely connect employees and vendors to its network, without
compromising speed or performance. Offered on a single platform and
user interface, Zero Networks is making true Zero Trust
architecture a reality for enterprises of any size. For more
information, please visit www.zeronetworks.com.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240627051687/en/
Taylor Hadley LaunchTech Communications for Zero Networks
978-877-2113 taylor@golaunchtech.com