Sterling Secure Proxy
Features and Benefits
Application proxy
- Resides in the demilitarized zone (DMZ)
- Supports IBM® Sterling Connect:Direct®, IBM® Sterling Connect Express® and IBM® Sterling B2B Integrator servers
- Support for multiple DMZ environments
- Supports FTP, FTPS, HTTP, HTTPS, SSH/SFTP, PeSIT and Sterling Connect:Direct protocols
- Supports use of a FIPS 140-2 compliant data encryption module
Firewall navigation best practices
- Prevents inbound holes in the firewall
- Minimizes rich targets in the DMZ by ensuring that files, user credentials and data are not stored in the DMZ
- Establishes sessions from more-trusted to less-trusted zones
- Enforces internal and external security policies
Perimeter security
- Prevents direct communications between external and internal sessions by establishing secure session breaks in the DMZ using SSL or TLS
- Inspects protocol and sensitive control information, enabling configurable error handling for violations
- Session limits and data encryption guard against Denial-of-Service attacks
Authentication Services
- Customizable logon portal provides self-service password management for trading partners
- Supports single sign-on and integrates with existing security infrastructure, including Active Directory and Tivoli user databases
- Multifactor authentication enforces tight controls and validation of trading partner identity in the DMZ before information is passed to the trusted zone
- Authentication options include IP address, user ID and password, digital certificates, SSH Keys, RSA SecurID
Clustering
- One central configuration manager pushes out configuration rules to multiple engines running in the DMZ, making it easy to scale
- Clustering for high availability and load balancing provides operational continuity and improved performance
Back to top
