Airlock Secure Access Hub
Airlock Secure Access Hub combines the important IT security issues of filtering and authentication into a well-coordinated overall solution that sets standards in terms of usability and services. The Secure Access Hub covers all important functions of modern IT security in this field: from a web application firewall (WAF), to a customer identity management (cIAM) system with integrated strong customer authentication, to API and microservice security that meets the latest requirements.
Within the secure access hub, Airlock Gateway acts as a central reverse proxy for all HTTPS connections and protects against web attacks. It analyses traffic moving between users and services. Attempted attacks on applications are blocked before they can reach the in-house systems. Airlock provides comprehensive protection against the OWASP Top 10 vulnerabilities. Modern applications and services shift the user guidance into the end devices of the users. Communication with the servers thus focuses on the exchange of process data via APIs (Application Programming Interfaces). Airlock API is therefore based on Airlock WAF and comes with a solid filter arsenal for web security.
Modern IT security architectures are evolving towards micro segmentation and zero trust architectures. Modern software development is done in agile teams and follows DevOps paradigms. The Airlock Microgateway is the perfect fit for these requirements. The new component is a lightweight alternative to the Airlock Gateway appliance and can be used as a container in microservice architectures. The development was done in close cooperation with DevOps professionals and pilot customers.
The increasing automation and digitisation of business processes requires absolutely secure and efficient access procedures and this is precisely what Airlock’s customer identity and access management (cIAM) guarantees. The way in which users obtain authorisation to access data or applications is generally not standardised. This is where Airlock IAM comes in and offers centralised identity management and organisation of access permissions, for applications and APIs, alike. Integrated applications can be bundled as a single sign-on (SSO) group.
Strong authentication prevents password theft, phishing and social engineering attacks without sacrificing the convenience of a well-designed user experience. Thanks to risk-based authentication, customers are only authenticated when the chosen function requires it. Customers authenticate in order to use their rights and to express their will. The technical possibilities to perform a 2-way authentication are versatile and all of them have their advantages and disadvantages. Here you will find an overview of the methods currently in use, evaluated according to security, user-experience, management and costs.