A Segment of One for Secure, Granular and Efficient Network Access Control
The growth of enterprise collaboration, consumption of information on personal devices and mobile distributed workers has resulted in the collapse of the traditional perimeter. Today, users require access to business applications, data and services whether on-premises or in the cloud, at work or on the road. And in today’s globally connected business environment, those users could be employees, partners or customers whose broad entitlements represent a significant security risk.
In the new world of pervasive internal and external threats, distributed organizations and global ecosystems, the perimeter is more porous and less relevant than ever. The old models simply aren’t working. We need to move from perimeter-centric, VLAN and IP-focused security to a model that focuses on securing the entire path from user to application, device to service - on a one-to-one basis.
AppGate provides a new security model for today's perimeterless IT landscape
AppGate enables organizations to adopt a Software-Defined Perimeter approach for granular security control. AppGate makes the application/server infrastructure effectively “invisible.” It then provides users with access to authorized resources only, verifying user context and attributes — including device posture and identity — before granting access to an application. Once the user logs out, the secure tunnel disappears. Additionally, when a user’s context changes – such as moving from a corporate to a public network, additional security requirements (such as multi-factor authentication) can be enforced, or access can be denied. All controlled by a simple policy.
With AppGate, the full security posture — including device, location, time, group, configuration and more — are used by the policy engine to dynamically define access to applications. AppGate does not depend on a traditional network perimeter model or require specific hardware, therefore it can be used across cloud and hybrid environments by leveraging software-defined virtualization techniques including its patent-pending architecture that combines scalability with high-availability.
Now enterprises can achieve dynamic, user-centric network security, while obtaining the reliability and performance needed to support their resources in the cloud or on-premises. With AppGate, organizations can uniquely obtain fine-grained, user-centric access control, while simplifying security, compliance, and operational complexity.
Out of Sight, Out of Reach
Traditional perimeter security models check credentials at the door and then provide access to an entire network segment. Users may not be authorized to access certain services, but the services are still present on the network, and a visible lock is a vulnerable lock. AppGate’s service-specific connections abstract applications and resources from the underlying physical infrastructure, which means that unauthorized services are simply not visible on the network at all. Can’t be seen, can’t be compromised.
Protection from Every Angle
Today’s business environments require that organizations evolve beyond traditional perimeter-based security. AppGate ensures that all resources – whether on-premises, private or public cloud – remain invisible until authorized. AppGate reduces cost, complexity and effort for configuring third-party, privileged user access and cloud infrastructure management. And AppGate provides exhaustive forensic evidence of access to systems and documents. With seamless integrations with SIEM systems, AppGate simplifies compliance audit and reporting.
Integrated with Identity Management
Users can be authenticated against multiple identity management systems, including on-premises, cloud-based SAML, or third-party systems. This enforces strong authentication, and enables organizations to connect network security to their identity management life cycles.
Multi-Tenant Environment Support
Designed for multi-tenant environments. With AppGate it’s simple to create independent groups of users and resources with delegated administration. Centralized service provider organizations can confidently enable their internal or external customers with admin access, while ensuring isolation of different customer environments.
Built for the Cloud
Cloud resources – whether in private or public clouds – can easily be protected. AppGate has a flexible, distributed deployment model to suit any architecture, automatically detects server instance creation, and uses server attributes to determine user access.