Most applications cannot protect themselves. It is necessary to provide a solution that not only protects applications from unauthorised access, but that also protects application data through traffic encryption.
Policy enforcement can control both these elements through the use of access rules and assessment criteria.
Examples of criterias could be:
- Who the user is
- What authentication method is used
- Time of day
- Type of device
- End-point has to have a firewall with this rule set
- End-point has to be running a particular version of an anti-virus system
- Mac-address
All of these criteria, and more, can be used in access rules.
For the user it all works seamlessly. One example of how this could work is:
- A user connecting with a mobile phone gets access only to push e-mail, calendar sync and intranet
- A user connecting remotely with an organisation-owned PC gets access to Intranet, e-mail, files and specific applications on the server
The user logs in the same way but the rules automatically change the access rights granted.
Other variations could include whether the user is connecting inside the firewall.
Many rights management systems are built in such a way that the customer is restricted to specific
hardware and/or software combinations. The AppGate solution doesn’t have these limitations.
Assessment criteria can be measured on any standard platform (such as Linux) and the solution is not
linked to any specific software. So for the customer there are no restrictions on the choice of operating system,
software or hardware.
It is very important for the user that a security solution is easy to use. He/she has to know in an instant
what applications he/she can have access to without having to search for the answer. With the AppGate solution
the user can be presented with a dynamic portal, which shows which applications can be accessed.
Other features in the AppGate solution include the possibility to connect to LDAP servers where some of the
attributes for assessment criteria can be sourced.