
FEATURES
SSL/TLS CERTIFICATE MANAGEMENT
We are all guilty of using non-HTTPS (or HTTPS with self-signed certificates). No more! We have completely automated this. All services will use proper, public, certificate management. Both for the public facing side, but also for all internal east-west connections.
USER IDENTITY
It all starts with knowing who you are, your identity. This is often confused with passwords and separate logins. We say NO! You are 1 person, why should you have to manage multiple logins?
We federate social plus corporate (e.g. Active Directory) logins. No passwords ever traverse our system. The system administrator gets a very simple, easy-to-use method of assigning roles and authorisation, based on this universal user identity.
We do not replace your identity system. Use your natural Identity Providers, make the login seamless to people and systems.
SIMPLE ROLE MANAGEMENT
Create groups. Assign roles to groups. Assign those to applications. Then on-board you users. It becomes universal: we don’t have to deal with different methods per application. Everything is done in the HTTP layer, the web layer. Universal.

DISASTER RECOVERY. CLOUD NATIVE ORCHESTRATION
Create groups. Assign roles to groups. Assign those to applications. Then on-board you users. It becomes universal: we don’t have to deal with different methods per application. Everything is done in the HTTP layer, the web layer. Universal.
HYBRID CLOUD DATA FLOW
Let you users work how they want, where they want, when they want.
Got a simple training moodle? Great, let them use it on their tablet on the deck.
Got a hours-of-service record for commercial drivers? Great, let the drivers record this on their mobile (not while driving of course!)
Why should they care what network they are connected to? Let’s make the application work anywhere, with equal, strong security. Zero-Trust of the network.
A DEPLOYMENT MODEL FOR EVERYONE
From SaaS to deep inside the VPN. From outbound-only connections to a point-to-point VPN. We have you covered.
Single server behind a DMZ?
Single application with our agent to make it use only outbound connections, no change to your security perimeter?
Our workload-based firewall makes sure only the right system talks to the right system.
Our identity-based firewall makes sure only the right user talks to the right system.
MULTI-FACTOR AUTHENTICATION
Enrich your identity providers with 2-factor authentication. Web Push (Was tthis you logging in?), TOTP (code-based challenge app), biometric and FIDO devices. We have you covered.
Trust-on-first-use makes enrollment simple.
Any user, any device, anywhere.
The Agilicus Identity-Aware Web Application Firewall will act as an authenticating proxy, injecting on behalf of the application. Become compliant quickly, with no rework.
Any user, any identity provider, any application.
APPLICATION CATALOG, SELF-SERVED APPLICATION REQUESTS
Users are dynamic. Applications are dynamic. Centrally managing who can access what can be challenging.
A catalog (available as a mobile-application launch tray) which allows quick-launch of each application, which allows requesting access to new ones, which allows discovery, is more efficient and effective for all.
SIMPLE SHARING OF FILES, DIRECTORIES
Have an internal directory of files you need to access? Run an on-premise database-type application like QuickBooks? Wish you could use this from home? Or share with your accountant? Worried about Ransomware and other risks?
Agilicus can make that directory available to the users you choose, with the permissions they need, from any network or device, without a client, without a VPN. No need to create an Active Directory account for your accountant, simple share.
No data is synced to a cloud provider, there is no concern about data sovereignty or possession.
Your data, your server. Share it directly to whoever you need, no intermediaries.