rsa BANNER-40

Ninety percent of organizations around the world today deploy a DMZ in order to provide customers, partners and suppliers with controlled access to corporate data. As more and more sensitive data from the internal network is duplicated in the DMZ, this perimeter network designed to be a buffer zone has become a prime target for hackers, providing IT departments with the following challenges:

  • Risk of Sensitive Data Breach – the DMZ is now a hub of external facing services containing large amounts of sensitive data and personally identifiable information resulting in greater risk of data breaches.
  • Preventing Hacking into the Internal Network from the DMZ – most front-end servers located in the DMZ communicate with servers within the LAN through an incoming port in the firewall, which hackers can utilize to launch attacks into the internal network. In addition such servers are accessible from the Internet and can be compromised by hackers, providing a second means of attacking the internal network.
  • Increased Capital Costs – the DMZ network configuration also imposes a costly burden on the enterprise’s capital expenses requiring additional hardware and software licenses as a result of duplicating sensitive data in the DMZ.
  • Higher Operational Costs – This additional hosting and synchronization of duplicated data between the LAN and DMZ requires a complex layer of data and network operations which can be complicated.

Safe-T RSAccess offers a unique secure front-end solution for enterprises and software vendors a like. Utilizing RSAccess’s disruptive and breakthrough secure reverse-access technology, organizations can now easily and securely publish external facing applications without the need to open incoming ports in the firewall, store sensitive data and application servers in their DMZ.

RSAccess Secure Data Access solution is a two tier deployment:

  • External RSAccess Node – installed in the  DMZ / external / non-secured segment
  • Internal RSAccess Node – installed in the internal / secured segment

The role of the external RSAccess node is to act as a front-end to all services published within the DMZ. It operates without the need to open any ports within the internal firewall and ensures that only legitimate session data can pass through into the LAN.

The role of the internal RSAccess node it to pull the session data into the LAN from the external RSAccess node, scan it using various application level security techniques, and then pass it to the destination application server.

Download RSAccess Secure Data Access Brochure

Download RSAccess Secure Data Access White Paper

Request a demo

Register For Our Webinar

graph-2

Safe-T RSAccess is also suitable for software vendors as part of their application. By deploying RSAccess as part of the application (in the form of an OEM) in the DMZ, software vendors are now free to develop only their client side and internal side application, without needing to cope with the hassles derived by developing and deploying a front-end.

Features

    • Secure reverse access to any TCP based app
    • Dual node patented solution
    • Unidirectional application aware traffic flow
    • No need to open incoming ports in the firewall
    • Application and protocol agnostic
    • IPSec tunnel between both nodes
    • SSL offloading on internal node
    • Block application level attacks using built-in application firewall
    • Block Layer 3 and Layer 4 level attacks
    • Offers robust authentication options for registered and non-registered users

Benefits

  • Secure application access to any application
  • Complete application and data protection
  • Closes incoming ports in the firewall
  • Simplify network and DMZ architecture, removing hackable DMZ components
  • Eliminate sensitive data, SSL keys and certificates from DMZ
  • Gain costs savings by eliminating hardware and license duplications