Secure Hybrid Cloud Access


Migrate to the Cloud Without Compromising on Security

Safe-T® Software-Defined Access provides a method for enterprises to convert their complex DMZ and perimeter architecture to light perimeter layer hosted in the cloud, while increasing network and application security.

By deploying Safe-T in a hybrid cloud and on-premises deployment, organizations can benefit from a cloud-based perimeter and DMZ segment. This can completely replace their local enterprise DMZ and allow pushing their perimeter farther away from their on-premises data center.

Using this architecture, all the organization’s services are published from the cloud using a Software-Defined Access server located within the cloud, and an internal Software Defined Access server which is located on-premises.


  • No need to open the enterprise firewall for cloud traffic.
  • Simple and easy cloud application adoption.
  • No client-server VPN overhead.
  • Hide all DMZ components from the Internet.
  • Block network access, allow application access.
  • End-to-end monitoring of file access flow.

The benefits of such a hybrid cloud and on-premises deployment include:

Masking the true location of the organization’s data center

Owing to the fact that all inbound communication is pulled from the cloud instead of being pushed to the organization, users and hackers on the internet have no knowledge of the server’s true geographic location or even external IP address.

Pulling legitimate clean traffic only

Integrated with cloud application security tools to scan data in the cloud, outside of the organization’s systems. This assures that only legitimate non-malicious traffic reaches the organization’s servers.

Reducing costs by eliminating servers and security appliances

The elimination of an entire network segment from the local data center architecture reduces the cost of maintenance, appliances, servers and licenses. The functionality of the eliminated systems is provided as a service outside of the organizational perimeter.

Mitigate risk of network DDoS attacks

By hosting perimeter/DMZ components in the cloud, it is possible to mitigate the risk of a network DDoS attack, as the attack will be blocked by the cloud provider.

Furthermore, Safe-T’s Secure Hybrid-Cloud Access solution provides the ability to build a secure cloud infrastructure with a multi-layered application security architecture. While you build your database and application servers on any IaaS solution, Safe-T Software-Defined Access acts as the secure front-end for any kind of application or protocol.

Software Defined Access CAPABILITIES
for Secure Hybrid Cloud Access

  • Ability to run in any cloud environment.
  • Hybrid cloud and on-premise deployment.
  • Enterprise firewall is constantly in a deny-all state, no open ports required for access.
  • Bi-directional traffic is handled on outbound connections from the LAN to the cloud.
  • Front-end all enterprise public facing applications from the cloud.
  • Supports a variety of applications: HTTP/S, SMTP, SFTP, SSH, APIs, RDH5 and WebDAV.
  • Robust multi-factor authentication options.
  • Removes the need for VPN connectivity between cloud and on-premises.
  • Full redundancy by utilizing multiple cloud locations.
  • Integration with leading security solutions.

Keep Your Sensitive Data in