Testing ZTNA Firewall with Keysight CyPerf

Ensuring secure identification and authentication is crucial to protect sensitive information from unauthorized access, especially with increasing cyber threats and Cybersecurity Maturity Model Certification (CMMC) requirements. For Level 3 Department of Defense (DoD) contractors, CMMC Certification mandates addressing the risk of unauthorized access from spoofing (NIST SP 800-172 3.5.1e). Attackers masquerading as legitimate users or devices can gain unauthorized access to Controlled Unclassified Information (CUI), leading to data breaches, fines, legal fees, loss of DoD contracts, downtime, damage to reputation, and vulnerability to further attacks.

To manage this risk, organizations should use cryptographically secure and replay resistant bidirectional authentication to verify systems and components before they connect to the network. Advanced traffic simulation offers a powerful solution that ensures robust security measures, safeguards sensitive information, and maintains operational integrity against evolving cyber threats.

In this Keysight CyPerf demo, we explore the capabilities of a ZTNA-enabled firewall by simulating three distinct user groups: legitimate users accessing Office 365, restricted users attempting forbidden OneDrive access, and malicious users with invalid credentials targeting SharePoint. The test validates the firewall's enforcement of least privileged access policies, with detailed statistics on application success and failure rates. This demonstration underscores the importance of robust security measures in managing diverse user behaviors and access levels.

By integrating an advanced solution like CyPerf, organizations can safeguard their digital assets, maintain a strong security posture, and ensure that only the right users with the right privileges access the right applications. This helps meet stringent security standards, protect sensitive information, and maintain compliance with CMMC requirements.