bd1b5995 blueprint

FEATURES

SSL/TLS CERTIFICATE MANAGEMENT

We are all guilty of using non-HTTPS (or HTTPS with self-signed certificates). No more! We have completely automated this. All services will use proper, public, certificate management. Both for the public facing side, but also for all internal east-west connections.

ec2c5f02
21c6e9a2 identity flow

USER IDENTITY

It all starts with knowing who you are, your identity. This is often confused with passwords and separate logins. We say NO! You are 1 person, why should you have to manage multiple logins?
We federate social plus corporate (e.g. Active Directory) logins. No passwords ever traverse our system. The system administrator gets a very simple, easy-to-use method of assigning roles and authorisation, based on this universal user identity.
We do not replace your identity system. Use your natural Identity Providers, make the login seamless to people and systems.

SIMPLE ROLE MANAGEMENT

Create groups. Assign roles to groups. Assign those to applications. Then on-board you users. It becomes universal: we don’t have to deal with different methods per application. Everything is done in the HTTP layer, the web layer. Universal.

073b3b12 groups edit

DISASTER RECOVERY. CLOUD NATIVE ORCHESTRATION

Create groups. Assign roles to groups. Assign those to applications. Then on-board you users. It becomes universal: we don’t have to deal with different methods per application. Everything is done in the HTTP layer, the web layer. Universal.

7e3fc084 multi zone
5007497d hybrid cloud

HYBRID CLOUD DATA FLOW

Let you users work how they want, where they want, when they want.
Got a simple training moodle? Great, let them use it on their tablet on the deck.
Got a hours-of-service record for commercial drivers? Great, let the drivers record this on their mobile (not while driving of course!)
Why should they care what network they are connected to? Let’s make the application work anywhere, with equal, strong security. Zero-Trust of the network.

DATA SOVEREIGNTY

Keep your data where you need it. In your building? In our cloud in your country? Our routing and services are designed to ensure you are compliant.

bfbad472 around the world
7573609e hybrid protection flow 1

A DEPLOYMENT MODEL FOR EVERYONE

From SaaS to deep inside the VPN. From outbound-only connections to a point-to-point VPN. We have you covered.
Single server behind a DMZ?
Single application with our agent to make it use only outbound connections, no change to your security perimeter?
Our workload-based firewall makes sure only the right system talks to the right system.
Our identity-based firewall makes sure only the right user talks to the right system.

FULL AUDIT AND SIEM

Every user action, every URL fetched can be attributed to that identity. The integral audit logging shows all actions, all the time, by application, by user.

6bad86c3 secure server
0408d7fd two factor

MULTI-FACTOR AUTHENTICATION

Enrich your identity providers with 2-factor authentication. Web Push (Was tthis you logging in?), TOTP (code-based challenge app), biometric and FIDO devices. We have you covered.
Trust-on-first-use makes enrollment simple.
Any user, any device, anywhere.

The Agilicus Identity-Aware Web Application Firewall will act as an authenticating proxy, injecting on behalf of the application. Become compliant quickly, with no rework.
Any user, any identity provider, any application.

APPLICATION CATALOG, SELF-SERVED APPLICATION REQUESTS

Users are dynamic. Applications are dynamic. Centrally managing who can access what can be challenging.
A catalog (available as a mobile-application launch tray) which allows quick-launch of each application, which allows requesting access to new ones, which allows discovery, is more efficient and effective for all.

3aaf1799 mobile
09870e81 file sharing

SIMPLE SHARING OF FILES, DIRECTORIES

Have an internal directory of files you need to access? Run an on-premise database-type application like QuickBooks? Wish you could use this from home? Or share with your accountant? Worried about Ransomware and other risks?
Agilicus can make that directory available to the users you choose, with the permissions they need, from any network or device, without a client, without a VPN. No need to create an Active Directory account for your accountant, simple share.
No data is synced to a cloud provider, there is no concern about data sovereignty or possession.
Your data, your server. Share it directly to whoever you need, no intermediaries.