Offload Security Enforcement to a Dedicated System
Internal applications no longer run in isolation, and are now connected to partners, customers and services outside the control of IT and application owners. Security for these cloud connections is critical for enterprises but puts a burden on application development. Controlling and tracking access outside the firewall becomes a complex task for IT. A system dedicated to secure control of cloud application connectivity is the answer.
Authentication and Key Management for Publishing API based Apps
Cloud Security Gateway authenticates and validates inbound user and service requests from cloud based partners and customers. For IT and Security teams, Gateway centralizes the complex and diverse task of establishing identity, determining access rights, and distributing tokens to be used for application access. Brokering external and internal token systems, standards based or proprietary, places a complex burden on developers and their applications. Cloud Security Gateway packages these functions in a simple, dedicated utility.
Ensure integrity of messages exchanged and protect internal systems
API exchanges with external services and data consumers can open a vulnerability to attacks, loss of integrity, or unauthorized access to internal systems. Infrastructure and security teams need a control point to encrypt, track and regulate the inbound and outbound flow of data from the enterprise. Cloud Security Gateway enables IT to centralize encryption and signature management for all cloud facing applications, and creates an application firewall to cut off malicious intruders.
Access Control and Policy Enforcement
When data is exchanged outside the enterprise, controls should be applied the same way as for internal access. IT operations needs a way to use enterprise directories such as LDAP or Active Directory to control access to services outside the firewall.
For requests coming in, IT needs explicit control over which systems and services are accessible. Filtering of specific users, services or content based on internal governance policies may be required. All of these policy and filtering controls necessitate the use of a gateway to examine, filter and forward messages at the enterprise perimeter.
Control for Applications Consuming Cloud-Based Services
Cloud Security Gateway manages the enterprise interaction with cloud apps. When multiple applications or “Shadow IT” projects begin consuming external data or configuring cloud services via API, the exchange of information outside the network perimeter can get out of control.
For application architects and line-of-business application owners, data from multiple API based services, can be consumed without maintaining authentication processes for each one. This includes cloud based services like Amazon and SalesForce.com, each using proprietary authentication schemes.
API exchanges with external applications can open a vulnerability to attacks, loss of integrity, or unauthorized access to internal systems. Infrastructure and security teams need a control point to encrypt, track and regulate the inbound and outbound flow of data from the enterprise. Cloud Security Gateway enables IT to centralize encryption and signature management for all cloud facing applications, and protect from malicious intruders.