ZTN - Cloud DMZ

Cloud DMZ and Zero Trust Security

Today, a typical company’s IT can span multiple internal networks, branch offices with their own local infrastructure, remote access for mobile workers and cloud services. The network perimeter as a secure boundary between intranet and Internet is therefore becoming increasingly blurred. Traditional firewalls are designed to block attackers from the Internet, but they are less useful for detecting attacks or unauthorized sideways movement within larger and distributed hybrid structures.

Security-as-a-Service

oneclick™ acts as an intermediary and at the same time as a separation layer between all users and company resources, no matter where they are located and who provides them. The platform includes all components of a Demilitarized Zone (DMZ):

  • Comprehensive protection against all common forms of cyber attacks
  • Ready for immediate use, without great configuration effort
  • Multi-level authentication and security policies
  • Highly encrypted streaming
  • Data never leaves the secure hosting location

Security-as-a-Service

oneclick™ acts as an intermediary and at the same time as a separation layer between all users and company resources, no matter where they are located and who provides them. The platform includes all components of a Demilitarized Zone (DMZ):

  • Comprehensive protection against all common forms of cyber attacks
  • Ready for immediate use, without great configuration effort
  • Multi-level authentication and security policies
  • Highly encrypted streaming
  • Data never leaves the secure hosting location

Highly secure application provisioning with included Cyber Assurance

Remote access to software applications and data via the oneclick™ platform is so secure that with the order of a user license there comes an insurance cover of the product provider Victor Deutschland GmbH and the risk carrier Württembergische Versicherung AG. In comparison to classic cyber insurances, the Cyber Assurance in connection with oneclick™ has already accomplished all laborious preliminary examinations. The safety architecture of the platform, the resilience, minimum requirements for passwords, implemented right and role concepts as well as multi-factor authentication are positively examined. The scope of cover includes interruption of operations, restoration of data and programs as well as measures to protect the reputation.

Cyber Assurance

Highly secure application provisioning with included Cyber Assurance

Remote access to software applications and data via the oneclick™ platform is so secure that with the order of a user license there comes an insurance cover of the product provider Victor Deutschland GmbH and the risk carrier Württembergische Versicherung AG. In comparison to classic cyber insurances, the Cyber Assurance in connection with oneclick™ has already accomplished all laborious preliminary examinations. The safety architecture of the platform, the resilience, minimum requirements for passwords, implemented right and role concepts as well as multi-factor authentication are positively examined. The scope of cover includes interruption of operations, restoration of data and programs as well as measures to protect the reputation.

Cyber Assurance
Das sagen Analysten:Forrester

Implement a next generation security model

In today’s threat landscape, well-organized cybercriminals are working to steal your data for economic, political or military gain. To counteract this, security managers should implement Forrester’s Zero Trust model and develop robust processes for detecting and responding to incidents. Zero Trust has become the security model of choice for businesses and government agencies. Implementation does not require you to abandon all your current security controls to start over. With the right approach, you can realize immediate benefits.

“A Practical Guide To A Zero Trust Implementation”

Ongoing verification of the trust status

The oneclick™ platform is based on best practices in IT security, namely the principles of a Zero Trust Architecture (ZTA). In this approach, no actor who wants access to resources or services in the network is trusted from the outset. Every access, whether from outside or inside, is individually authenticated. Users are not only checked each time they log in, but their trust status is continuously validated during the sessions. If a change is detected that poses a risk, the granted access to a service is interrupted. Zero Trust focuses on the protection of defined company resources instead of individual network segments. oneclick™ supports customers in the consistent implementation of the concept.

Authentication
Authentication

Ongoing verification of the trust status

The oneclick™ platform is based on best practices in IT security, namely the principles of a Zero Trust Architecture (ZTA). In this approach, no actor who wants access to resources or services in the network is trusted from the outset. Every access, whether from outside or inside, is individually authenticated. Users are not only checked each time they log in, but their trust status is continuously validated during the sessions. If a change is detected that poses a risk, the granted access to a service is interrupted. Zero Trust focuses on the protection of defined company resources instead of individual network segments. oneclick™ supports customers in the consistent implementation of the concept.

Zero Trust Network

A recommended implementation variant of NIST

From design oneclick™ corresponds to the preferred model variant of the US National Institute of Standards and Technology (NIST). Because oneclick™ is available as a cloud portal, no software components need to be installed on the company systems. Administrators do not have to ensure that each device has the appropriate agent before use. If someone wants to access an application or a resource in the network, oneclick™ authenticates them for exactly those and takes them directly there. Access management is moved from the network perimeter to the oneclick™ platform, so that users never know where they are within the network. NIST confirms that the implementation variant of oneclick™ is the most flexible for BYOD policies and cross-organizational collaboration.

Zero Trust Network

A recommended implementation variant of NIST

From design oneclick™ corresponds to the preferred model variant of the US National Institute of Standards and Technology (NIST). Because oneclick™ is available as a cloud portal, no software components need to be installed on the company systems. Administrators do not have to ensure that each device has the appropriate agent before use. If someone wants to access an application or a resource in the network, oneclick™ authenticates them for exactly those and takes them directly there. Access management is moved from the network perimeter to the oneclick™ platform, so that users never know where they are within the network. NIST confirms that the implementation variant of oneclick™ is the most flexible for BYOD policies and cross-organizational collaboration.

Elimination of solutions for endpoint and mobile device management

With oneclick™, no additional solutions for endpoint and mobile device management are needed anymore. These attempt to make users and devices part of a trusted zone by installing clients and certificates. However, these solutions are complex to implement and manage. Malware can unnoticedly take over devices that are actually trusted. oneclick™ is a new model that no longer requires the concept of trusted devices. The safe barrier is the browser. Thanks to the streaming method used by oneclick™ in the browser, no end device can infect an application server, because direct communication between the user and the target system can be completely ruled out.

Cloud DMZ
Cloud DMZ

Elimination of solutions for endpoint and mobile device management

With oneclick™, no additional solutions for endpoint and mobile device management are needed anymore. These attempt to make users and devices part of a trusted zone by installing clients and certificates. However, these solutions are complex to implement and manage. Malware can unnoticedly take over devices that are actually trusted. oneclick™ is a new model that no longer requires the concept of trusted devices. The safe barrier is the browser. Thanks to the streaming method used by oneclick™ in the browser, no end device can infect an application server, because direct communication between the user and the target system can be completely ruled out.

IT Manager

Cost and risk reduction through outsourcing of the Security Operations Center

Because managing network security is a time-consuming and human-capital intensive activity, many organizations prefer to outsource the service to a specialized provider. This results in significant cost reduction and the ability to focus their own energies on their core business. oneclick™ is effectively protected against unwanted access through an intelligent, multi-layered combination of intrusion detection and prevention systems (IDS/IPS), web access firewall (WAF) and service-defined network rules. The Security Operations Center (SOC) of the oneclick™ platform is operated by professional cyber security experts. The team works according to recognized standards and frameworks to reliably keep cyber risks in check.

IT Manager

Cost and risk reduction through outsourcing of the Security Operations Center

Because managing network security is a time-consuming and human-capital intensive activity, many organizations prefer to outsource the service to a specialized provider. This results in significant cost reduction and the ability to focus their own energies on their core business. oneclick™ is effectively protected against unwanted access through an intelligent, multi-layered combination of intrusion detection and prevention systems (IDS/IPS), web access firewall (WAF) and service-defined network rules. The Security Operations Center (SOC) of the oneclick™ platform is operated by professional cyber security experts. The team works according to recognized standards and frameworks to reliably keep cyber risks in check.

Zero knowledge thanks to innovative identity and rights management

The oneclick™ platform has integrated Bundesdruckerei’s identity and rights management system FIDES. With FIDES, users gain self-determination over their data by means of digital authorization chains. The privacy-by-design approach meets the high requirements of the General Data Protection Regulation of the European Union. During audits it is always traceable who has accessed which data or systems when and with which authorizations and where these authorizations originate. Through the use of the FIDES pseudonymization service, no personal data is stored recognizably in oneclick™ and the Zero Trust architecture is supplemented by a Zero Knowledge approach. The combination of oneclick™ and FIDES makes it possible for the first time to manage both the administration of the entire Active Directory and the access to applications and data via a uniform interface in the browser.

FIDES
FIDES

Zero knowledge thanks to innovative identity and rights management

The oneclick™ platform has integrated Bundesdruckerei’s identity and rights management system FIDES. With FIDES, users gain self-determination over their data by means of digital authorization chains. The privacy-by-design approach meets the high requirements of the General Data Protection Regulation of the European Union. During audits it is always traceable who has accessed which data or systems when and with which authorizations and where these authorizations originate. Through the use of the FIDES pseudonymization service, no personal data is stored recognizably in oneclick™ and the Zero Trust architecture is supplemented by a Zero Knowledge approach. The combination of oneclick™ and FIDES makes it possible for the first time to manage both the administration of the entire Active Directory and the access to applications and data via a uniform interface in the browser.

Our Market Positioning

The ideal solution should have implemented key capabilities in the best possible way and with a high level of service in order to provide applications and data easily, quickly and securely. Compare oneclick™ with competitors.

matrix_smal@2x

Reduction of Total Cost of Ownership

With oneclick™ as a new delivery model for applications and data, you can reduce your costs by up to 50%. Compare oneclick™ with alternative technologies.

ROI
Implement Security-as-a-Service
Let us know your requirements and we will advise you on the oneclick™ security concept, which acts as a highly secure mediation and separation layer between your resources and users.
Nehal Thakore

Nehal Thakore
will be happy to advise you personally:

UK sales: +44 121 512 0089

USA sales: +1 954 568 8112

Schedule a meeting now

Implement Security-as-a-Service
Let us know your requirements and we will advise you on the oneclick™ security concept, which acts as a highly secure mediation and separation layer between your resources and users.
Nehal Thakore

Nehal Thakore
will be happy to advise you personally:

UK sales: +44 121 512 0089

USA sales: +1 954 568 8112

Schedule a meeting now

Create your secure workspace.

Test the free trial now!

Test it now
Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.