1 / 28

AGAT Security Suite

AGAT Security Suite. Extending ISA/IAG beyond the l i mit. AGAT Security suite - introduction.

graceland
Download Presentation

AGAT Security Suite

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. AGAT Security Suite Extending ISA/IAG beyond the limit

  2. AGAT Security suite - introduction • AGAT Security suite is a set of unique components that allow extending ISA / IAG functionality to solve complex architectures and requirements, typically implemented in large, complex and well secured networks. • To learn more about our solutions please visit our website at http://www.agat.co.il or contact yoavc@agat.co.il

  3. Main Filter list • AG Authentication Relay • ActiveSync • AG Remote Cert Auth • AG SSO • AG Multiplexer • AG • Secured File Upload

  4. AG Authentication Relay

  5. AG Authentication Relay • General description The Authentication Relay filter allows users to authenticate using a digital certificate when the application is protected by more than one ISA server in a cross domain architecture. .

  6. AG Authentication Relay (cont) • The solution is based on two web filters: • In the front ISA the Relayfilter signs the user’s name (after being authenticated by ISA) and time stamp and submits the signed data in the request header. • In the back ISA the Consumerfilter verifies that the message was received from the front ISA and then performs the authentication to the required application.. • The solution does not require any domain trust relationship between the front and back domains.

  7. AG Authentication Relay (cont) Architecture Option A- Basic Authentication Relay

  8. AG Authentication Relay (cont) Architecture Option B- Strong Authentication Relay

  9. AG Authentication Relay – Use cases • When more than one ISA is protecting the application and smart card authentication is needed. • When there is a single front end ISA in the external domain protecting several sub-networks that are using ISA. • Typically when using IAG as a gateway and several ISA servers are protecting the internal domains. • When you need the client’s certificate at the back end of multiple ISA architecture.

  10. AG Active Sync Filter

  11. AG ActiveSync - intro & requirement • ActiveSync is a data protocol used to synchronize end user devices with Exchange server. • Typically the exchange server is published using IAG/ISA. • Organizations need to control the content published to the client (ie iPhone, windows mobile) to ensure that the content published is compatible with the device security level requirements.

  12. AG ActiveSync filter solution • The ActiveSync filter allows configuring publishing rules according to device type and Exchange objects (mail, events, tasks and contacts). • In addition, the filter can block publishing of attachments and can perform content filtering.

  13. AGActiveSync filter features • Filter rule configuration by device type (iPhone, windows mobile etc) • Allowing or blocking Sync of the following objects: mail messages, contacts, tasks and calendar events. • Allowing or blocking Sync of attachments in mails messages or events • Filtering by words in content of mail and calendar events. • Allowing meeting requests to be published even when mail is blocked. • Support ActiveSync 4.5

  14. AG Remote Cert Auth

  15. AG Remote Cert Auth- Description • Enable to perform certificate authentication using an LDAP that is not in the same domain as the ISA server.

  16. AG Remote Cert Auth -Use cases • When users are using smart cards to login and the LDAP is in a different domain than the ISA. • Typically when organization is securing theLDAP / Active directory in a separate domain then the ISA

  17. AG SSO

  18. AG SSO - Description • Add user certificate and LDAP properties to headerrequest for application authentication.

  19. AG SSO - Use cases • When your web application is not configured to use Windows authentication and user identity is needed. • Properties from LDAP are needed for the application. • When you need to pass the client certificate to your internal IIS.

  20. AG Multiplexer

  21. AG Multiplexer - Description • Enable transmitting the user's request via a single point of access to several internal destinations according to user organization unit or group • Automatically generate a menu page listing all accessible URLs.

  22. AG Multiplexer – Use cases • When you need to provide a single point of access to all users to browse to different web applications. • When routing users is needed according to the location in the Organization Unit (OU) or Group. • Typically when the network is divided into several subnets/domains managed separately. • Avoid publishing many internal sites.

  23. AG Access Controller

  24. AG Access Controller- Description • The filter extends the ISA web publishing rule system with additional criteria. • Supports configuring the web publishing rules based on user OU or Group. • Enables working with an LDAP server that is not in the same domain as the ISA/IAG.

  25. AG Access Controller - SSL VPN • Allows filtering users that use SSL VPN. • Enables identifying the user in SSL VPN in order to prevent anonymous requests entering the firewall

  26. AG Secured File Upload

  27. AG Secured File Upload- Description • Fast file content verification • Verify that the extension of the file matches the file content • Pass file to antivirus to check virus in content • Block dangerous content before reaching internal site.

  28. END See more filters available on http://www.agat.co.il

More Related