Cloud DMZ and Zero Trust Security
Today, a typical company’s IT can span multiple internal networks, branch offices with their own local infrastructure, remote access for mobile workers and cloud services. The network perimeter as a secure boundary between intranet and Internet is therefore becoming increasingly blurred. Traditional firewalls are designed to block attackers from the Internet, but they are less useful for detecting attacks or unauthorized sideways movement within larger and distributed hybrid structures.
Security-as-a-Serviceoneclick™ acts as an intermediary and at the same time as a separation layer between all users and company resources, no matter where they are located and who provides them. The platform includes all components of a Demilitarized Zone (DMZ): |
|
Security-as-a-Service
oneclick™ acts as an intermediary and at the same time as a separation layer between all users and company resources, no matter where they are located and who provides them. The platform includes all components of a Demilitarized Zone (DMZ):
- Comprehensive protection against all common forms of cyber attacks
- Ready for immediate use, without great configuration effort
- Multi-level authentication and security policies
- Highly encrypted streaming
- Data never leaves the secure hosting location
Ongoing verification of the trust status
The oneclick™ platform is based on best practices in IT security, namely the principles of a Zero Trust Architecture (ZTA). In this approach, no actor who wants access to resources or services in the network is trusted from the outset. Every access, whether from outside or inside, is individually authenticated. Users are not only checked each time they log in, but their trust status is continuously validated during the sessions. If a change is detected that poses a risk, the granted access to a service is interrupted. Zero Trust focuses on the protection of defined company resources instead of individual network segments. oneclick™ supports customers in the consistent implementation of the concept.
Ongoing verification of the trust status
The oneclick™ platform is based on best practices in IT security, namely the principles of a Zero Trust Architecture (ZTA). In this approach, no actor who wants access to resources or services in the network is trusted from the outset. Every access, whether from outside or inside, is individually authenticated. Users are not only checked each time they log in, but their trust status is continuously validated during the sessions. If a change is detected that poses a risk, the granted access to a service is interrupted. Zero Trust focuses on the protection of defined company resources instead of individual network segments. oneclick™ supports customers in the consistent implementation of the concept.
| Das sagen Analysten: |  |
Implement a next generation security model
In today’s threat landscape, well-organized cybercriminals are working to steal your data for economic, political or military gain. To counteract this, security managers should implement Forrester’s Zero Trust model and develop robust processes for detecting and responding to incidents. Zero Trust has become the security model of choice for businesses and government agencies. Implementation does not require you to abandon all your current security controls to start over. With the right approach, you can realize immediate benefits.
“A Practical Guide To A Zero Trust Implementation”
A recommended implementation variant of NIST
From design oneclick™ corresponds to the preferred model variant of the US National Institute of Standards and Technology (NIST). Because oneclick™ is available as a cloud portal, no software components need to be installed on the company systems. Administrators do not have to ensure that each device has the appropriate agent before use. If someone wants to access an application or a resource in the network, oneclick™ authenticates them for exactly those and takes them directly there. Access management is moved from the network perimeter to the oneclick™ platform, so that users never know where they are within the network. NIST confirms that the implementation variant of oneclick™ is the most flexible for BYOD policies and cross-organizational collaboration.
A recommended implementation variant of NIST
From design oneclick™ corresponds to the preferred model variant of the US National Institute of Standards and Technology (NIST). Because oneclick™ is available as a cloud portal, no software components need to be installed on the company systems. Administrators do not have to ensure that each device has the appropriate agent before use. If someone wants to access an application or a resource in the network, oneclick™ authenticates them for exactly those and takes them directly there. Access management is moved from the network perimeter to the oneclick™ platform, so that users never know where they are within the network. NIST confirms that the implementation variant of oneclick™ is the most flexible for BYOD policies and cross-organizational collaboration.
Elimination of solutions for endpoint and mobile device management
With oneclick™, no additional solutions for endpoint and mobile device management are needed anymore. These attempt to make users and devices part of a trusted zone by installing clients and certificates. However, these solutions are complex to implement and manage. Malware can unnoticedly take over devices that are actually trusted. oneclick™ is a new model that no longer requires the concept of trusted devices. The safe barrier is the browser. Thanks to the streaming method used by oneclick™ in the browser, no end device can infect an application server, because direct communication between the user and the target system can be completely ruled out.
Elimination of solutions for endpoint and mobile device management
With oneclick™, no additional solutions for endpoint and mobile device management are needed anymore. These attempt to make users and devices part of a trusted zone by installing clients and certificates. However, these solutions are complex to implement and manage. Malware can unnoticedly take over devices that are actually trusted. oneclick™ is a new model that no longer requires the concept of trusted devices. The safe barrier is the browser. Thanks to the streaming method used by oneclick™ in the browser, no end device can infect an application server, because direct communication between the user and the target system can be completely ruled out.
Cost and risk reduction through outsourcing of the Security Operations Center
Because managing network security is a time-consuming and human-capital intensive activity, many organizations prefer to outsource the service to a specialized provider. This results in significant cost reduction and the ability to focus their own energies on their core business. oneclick™ is effectively protected against unwanted access through an intelligent, multi-layered combination of intrusion detection and prevention systems (IDS/IPS), web access firewall (WAF) and service-defined network rules. The Security Operations Center (SOC) of the oneclick™ platform is operated by professional cyber security experts. The team works according to recognized standards and frameworks to reliably keep cyber risks in check.
Cost and risk reduction through outsourcing of the Security Operations Center
Because managing network security is a time-consuming and human-capital intensive activity, many organizations prefer to outsource the service to a specialized provider. This results in significant cost reduction and the ability to focus their own energies on their core business. oneclick™ is effectively protected against unwanted access through an intelligent, multi-layered combination of intrusion detection and prevention systems (IDS/IPS), web access firewall (WAF) and service-defined network rules. The Security Operations Center (SOC) of the oneclick™ platform is operated by professional cyber security experts. The team works according to recognized standards and frameworks to reliably keep cyber risks in check.
Our Market Positioning
The ideal solution should have implemented key capabilities in the best possible way and with a high level of service in order to provide applications and data easily, quickly and securely. Compare oneclick™ with competitors.
Reduction of Total Cost of Ownership
With oneclick™ as a new delivery model for applications and data, you can reduce your costs by up to 50%. Compare oneclick™ with alternative technologies.
Christian Petschik
will be happy to advise you personally:
UK sales: +44 121 512 0089
USA sales: +1 954 568 8112
Christian Petschik
will be happy to advise you personally:
UK sales: +44 121 512 0089
USA sales: +1 954 568 8112