The Internet remains risky for file transfer While the Internet provides organizations with an attractive channel for file transfer, it is vulnerable to external attacks. These increasingly sophisticated attacks include man-in-the-middle, denial-of-service, and eavesdropping, and often lead to the loss of information that can put your business at risk.
Sterling Secure Proxy increases perimeter security
Sterling Secure Proxy is a demilitarized zone (DMZ)-based application proxy that protects your file transfers from the public Internet, by enforcing tight controls that include trading-partner authorization, multi-factor authentication and session break all before the transfer ever enters your trusted zone. Sterling Secure Proxy will help you:
- Guard against unauthorized access and reduce data vulnerability to protect your brand
- Leverage the Internet to lower your file transfer cost and grow your file transfer community
- Comply with regulatory policies and pass tougher security audits
|
|
|
Capability |
Description |
|
Application proxy |
- Resides in the demilitarized zone (DMZ)
- Supports Connect:Direct, Connect Express and Sterling Integrator servers
|
- Support for multiple DMZ environments
- Supports FTP, FTPS, HTTP, HTTPS, SSH/SFTP, PeSIT and Connect:Direct protocols
|
|
Firewall navigation best practices |
- Prevents inbound holes in the firewall
- Minimizes rich targets in the DMZ by ensuring that files, user credentials and data are not stored in the DMZ
|
- Establishes sessions from more-trusted to less-trusted zones
- Enforces internal and external security policies
|
|
Perimeter security |
- Prevents direct communications between external and internal sessions by establishing secure session breaks in the DMZ using SSL or TLS
|
- Inspects protocol and sensitive control information, enabling configurable error handling for violations
- Session limits and data encryption guard against Denial-of-Service attacks
|
|
Authentication
Services |
- Customizable logon portal provides self-service password management for trading partners
- Supports single sign-on and integrates with existing security infrastructure, including Active Directory and Tivoli user databases
|
- Multifactor authentication enforces tight controls and validation of trading partner identity in the DMZ before information is passed to the trusted zone
- Authentication options include IP address, user ID and password, digital certificates, SSH Keys, RSA SecurID
|
|
Clustering |
- One central configuration manager pushes out configuration rules to multiple engines running in the DMZ, making it easy to scale
|
- Clustering for high availability and load balancing provides operational continuity and improved performance
|
Sterling Secure Proxy is available as licensed on premise software.
More information
Sterling Secure Proxy Capabilities Brief
