What is a Software-Defined Perimeter (SDP)?
D3 · Architecture · CompTIA Security+ SY0-701
An SDP (Software-Defined Perimeter) creates an invisible, dynamic network perimeter around resources. Users cannot even see (or ping) protected resources until they are authenticated and authorized, creating a "dark cloud" where infrastructure is hidden from the internet.
Differs from VPN: SDP hides the existence of resources; VPN just encrypts the connection to a visible network.
SDP components: SDP Controller (authentication/authorization), SDP Client (user device), SDP Gateway (protects resources).
SDP reduces attack surface by making servers invisible until authenticated. Often used interchangeably with ZTNA on the exam. Key benefit: you can't attack what you can't find. SDP implements "deny all, allow specific" at the network discovery level.