agat security suite n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
AGAT Security Suite PowerPoint Presentation
Download Presentation
AGAT Security Suite

Loading in 2 Seconds...

play fullscreen
1 / 28

AGAT Security Suite - PowerPoint PPT Presentation


  • 123 Views
  • Uploaded on

AGAT Security Suite. Extending ISA/IAG beyond the l i mit. AGAT Security suite - introduction.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

AGAT Security Suite


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
agat security suite

AGAT Security Suite

Extending ISA/IAG beyond the limit

agat security suite introduction
AGAT Security suite - introduction
  • AGAT Security suite is a set of unique components that allow extending ISA / IAG functionality to solve complex architectures and requirements, typically implemented in large, complex and well secured networks.
  • To learn more about our solutions please visit our website at http://www.agat.co.il or contact yoavc@agat.co.il
main filter list
Main Filter list
  • AG Authentication Relay
  • ActiveSync
  • AG Remote Cert Auth
  • AG SSO
  • AG Multiplexer
  • AG
  • Secured File Upload
ag authentication relay1
AG Authentication Relay
  • General description

The Authentication Relay filter allows users to authenticate using a digital certificate when the application is protected by more than one ISA server in a cross domain architecture.

.

ag authentication relay cont
AG Authentication Relay (cont)
  • The solution is based on two web filters:
    • In the front ISA the Relayfilter signs the user’s name (after being authenticated by ISA) and time stamp and submits the signed data in the request header.
    • In the back ISA the Consumerfilter verifies that the message was received from the front ISA and then performs the authentication to the required application..
  • The solution does not require any domain trust relationship between the front and back domains.
ag authentication relay cont1
AG Authentication Relay (cont)

Architecture

Option A- Basic Authentication Relay

ag authentication relay cont2
AG Authentication Relay (cont)

Architecture

Option B- Strong Authentication Relay

ag authentication relay use cases
AG Authentication Relay – Use cases
  • When more than one ISA is protecting the application and smart card authentication is needed.
  • When there is a single front end ISA in the external domain protecting several sub-networks that are using ISA.
  • Typically when using IAG as a gateway and several ISA servers are protecting the internal domains.
  • When you need the client’s certificate at the back end of multiple ISA architecture.
ag activesync intro requirement
AG ActiveSync - intro & requirement
  • ActiveSync is a data protocol used to synchronize end user devices with Exchange server.
  • Typically the exchange server is published using IAG/ISA.
  • Organizations need to control the content published to the client (ie iPhone, windows mobile) to ensure that the content published is compatible with the device security level requirements.
ag activesync filter solution
AG ActiveSync filter solution
  • The ActiveSync filter allows configuring publishing rules according to device type and Exchange objects (mail, events, tasks and contacts).
  • In addition, the filter can block publishing of attachments and can perform content filtering.
ag activesync filter features
AGActiveSync filter features
  • Filter rule configuration by device type (iPhone, windows mobile etc)
  • Allowing or blocking Sync of the following objects: mail messages, contacts, tasks and calendar events.
  • Allowing or blocking Sync of attachments in mails messages or events
  • Filtering by words in content of mail and calendar events.
  • Allowing meeting requests to be published even when mail is blocked.
  • Support ActiveSync 4.5
ag remote cert auth description
AG Remote Cert Auth- Description
  • Enable to perform certificate authentication using an LDAP that is not in the same domain as the ISA server.
ag remote cert auth use cases
AG Remote Cert Auth -Use cases
  • When users are using smart cards to login and the LDAP is in a different domain than the ISA.
  • Typically when organization is securing theLDAP / Active directory in a separate domain then the ISA
ag sso description
AG SSO - Description
  • Add user certificate and LDAP properties to headerrequest for application authentication.
ag sso use cases
AG SSO - Use cases
  • When your web application is not configured to use Windows authentication and user identity is needed.
  • Properties from LDAP are needed for the application.
  • When you need to pass the client certificate to your internal IIS.
ag multiplexer description
AG Multiplexer - Description
  • Enable transmitting the user's request via a single point of access to several internal destinations according to user organization unit or group
  • Automatically generate a menu page listing all accessible URLs.
ag multiplexer use cases
AG Multiplexer – Use cases
  • When you need to provide a single point of access to all users to browse to different web applications.
  • When routing users is needed according to the location in the Organization Unit (OU) or Group.
  • Typically when the network is divided into several subnets/domains managed separately.
  • Avoid publishing many internal sites.
ag access controller description
AG Access Controller- Description
  • The filter extends the ISA web publishing rule system with additional criteria.
  • Supports configuring the web publishing rules based on user OU or Group.
  • Enables working with an LDAP server that is not in the same domain as the ISA/IAG.
ag access controller ssl vpn
AG Access Controller - SSL VPN
  • Allows filtering users that use SSL VPN.
  • Enables identifying the user in SSL VPN in order to prevent anonymous requests entering the firewall
ag secured file upload description
AG Secured File Upload- Description
  • Fast file content verification
  • Verify that the extension of the file matches the file content
  • Pass file to antivirus to check virus in content
  • Block dangerous content before reaching internal site.
slide28
END

See more filters available on http://www.agat.co.il