SaaS Cloud Provider


Your Challenge – Today, many XaaS (SaaS and PaaS) cloud providers require connecting to their customer’s premise in order to access data relevant for the service. An example: connecting between a cloud provider’s SaaS application and the data it has to analyze which is located in the customer’s premise.

This seemingly simple requirement creates a variety of networking and access challenges, as well as a cumbersome deployment with multiple tiers. It might entail:
• Opening incoming holes in the customer’s Firewall for cloud traffic
• A VPN or secure connection to connect between cloud and customer premises
• Solution deployment overhead costs
• Exposure to the customer’s internal network IP by an authorized party (hacker)

Add to this the fact that the customer most likely has regulation\policy issues preventing them opening the firewall for external access. Now you face a problem of onboarding the customer to the service.


Safe-T Software Defined Access introduces an evolution in the way cloud providers connect their services to their customers’ premises and grant secure external access to their services. Built on Safe-T’s Software Defined Perimeter technology and Integrated Data Security Platform, it offers true secure and transparent access replacing the need for legacy VPNs.

By deploying Safe-T Software Defined Access Controller as part of the XaaS solution, it is now possible to transparently connect between the cloud provider’s application tier and the backend application located within the cloud provider customer’s internal network.This is achieved by deploying the Safe-T Access Gateway node in the XaaS environment and the Safe-T Controller directly into the client’s secure network, and connecting them via Safe-T’s patented reverse-access technology. The deployment eliminates the technical and operational obstacles and challenges of connecting the cloud and the customer internal network, through the client’s DMZ and network security perimeter.


  • No need to open the enterprise firewall for cloud traffic
  • Simple and easy cloud application adoption
  • No site-to-site VPN overhead
  • Multi-factor authentication
  • Hide all DMZ components from the Internet
  • Block network access, allow application access
  • Integrate all security and IAM solutions into data access flow