Skip to main content

Zero Networks Innovates Remote Procedure Call Firewall Capabilities to Protect Domain Controllers

Now offered as part of their network segmentation solution, Zero Networks RPC Firewall mitigates 95% of domain controller's attack surface with no operational downtime

Zero Networks, a leading provider of zero trust security solutions, is now offering enhanced Remote Procedure Call (RPC) Firewall capabilities within the Zero Networks platform. Already trusted and validated by the open-source community since its initial release, Zero Networks has enhanced its integrated RPC Firewall offering with additional benefits including RPC protection in one click, integrated RPC auditing, and automated RPC rule creation.

As the underlying protocol used by Microsoft services for both local and remote communication, such as Active Directory, RPC exposes functionality related to authentication, user management, service management, and more. Unfortunately, it is also widely used by attackers to deploy ransomware for the same reasons. This is a challenge for sensitive servers, such as domain controllers, which must have RPC ports open for the domain to function and are often left unprotected and easy to hack.

While traditional firewalls work at the network and transport layers, the Zero Networks RPC Firewall functions at the application layer. This allows the RPC Firewall to examine the full context of RPC operations and to make granular decisions over which RPC operations to allow and which to block. The availability of RPC Firewall within the Zero Networks platform significantly reduces an organization’s attack surface and protects against a variety of attacks, including lateral movement, remote code execution, internal discovery, relay attacks, and more.

“RPC Firewall is one of the defenses that an attacker never expects – not only are they blocked from performing unprivileged operations, but attackers are also blocked if they gain privileged credentials,” said Sagie Dulce, VP Research, Zero Networks. “We are uniquely protecting domain controllers and other sensitive servers from lateral movement and remote code execution in ways that no other solution offers. Out of the box with no interruptions to operations, approximately 95% of the domain controller attack surface is mitigated by RPC Firewall. Zero Networks puts a firewall over the RPC so you can decide which RPC operations you’re allowing in your environment and which ones you’re locking down.”

“Using the RPC protocol, we successfully deployed the RPC Firewall for our customers to minimize lateral movement in Windows networks,” said Martien van Dijk, Cybersecurity Specialist for Avantage IT, “The Zero Networks RPC Firewall also makes spreading malware – such as ransomware – via the RPC protocol nearly impossible, and it can finally block DCSync attacks. Our pen tests have shown that the RPC Firewall is an enormously powerful tool for blocking lateral movement via RPC. The RPC Firewall is a real headache for pen testers and, therefore, for criminal hackers!”

The Zero Networks platform has three key pillars: Network Segmentation, Secure Remote Access, and Identity Segmentation. RPC Firewall is purpose-built into the platform’s network segmentation solution, which is agentless, automated, and MFA-powered. Zero Networks platform users can now rely on RPC Firewall to protect against unwarranted RPC operations while allowing legitimate and crucial RPC traffic to flow, enabling critical services such as domain controllers, certificate authorities, federation services, and others to function.

To learn more and schedule a demo of the RPC Firewall, please visit: https://zeronetworks.com/rpc-firewall-demo-request. Zero Networks will also be at Black Hat USA; visit us at booth 2060 on August 7-8, 2024.

About Zero Networks

Founded in 2019, Zero Networks is a simple, fully automated platform for zero trust segmentation and remote access. Zero Networks’ microsegmentation offering is automated, agentless and MFA-powered to stop lateral movement and block ransomware. The Identity Segmentation solution provides unprecedented control of admin and service accounts, to enable the principle of least privilege. And the advanced ZTNA solution allows an enterprise to securely connect employees and vendors to its network, without compromising speed or performance. Offered on a single platform and user interface, Zero Networks is making true Zero Trust architecture a reality for enterprises of any size. For more information, please visit www.zeronetworks.com.

Contacts

Data & News supplied by www.cloudquote.io
Stock quotes supplied by Barchart
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.