IBM Sterling Secure Proxy

For enterprises that process a huge volume of data, keeping transactions and other information secure is of the utmost importance. The increasingly interconnected business environment you occupy is rapidly expanding. That’s why IBM developed the Sterling Secure Proxy: It secures and shields your business information by eliminating direct connectivity between external partners and internal servers.

By intercepting transactions at the edge of your business network, the Sterling Secure Proxy adds a level of authorization so that approved exchanges are redirected to trusted connections within your enterprise. This is known as a defense-in-depth strategy. Because configuration is managed in the trusted zone, your important business files are secured from external entities.

Another important aspect of network and file security is compliance with enterprise security policy. To address this, users can determine multiple levels of governance for comprehensive auditing and detailed audits.

Here are some of the features of the Sterling Secure Proxy platform:

Data exchange proxy software:

  • This feature resides in the DMZ to validate connections and    help prevent unauthorized access.
  • The Secure Proxy is compatible with Sterling Connect:Direct,    IBM Sterling B2B Integrator, IBM Sterling File Gateway and    IBM Sterling Connect:Express, all of which we can deploy at    Effective Data.
  • It also supports FTP, FTPS, HTTP, HTTPS, Applicability    Statement 2 (AS2), Secure Shell/Secure File Transfer    Protocol (SSH/SFTP), Protocol d’Echanges pour un Systeme    Interbancaire de Telecompensation (PeSIT) and Sterling    Connect:Direct protocols.

Best practices for firewall navigation:

  • The Secure Proxy helps prevent inbound holes in the firewall.
  • It also reduces rich targets in the DMZ by helping to ensure    that files, user credentials and data are not stored on    physical drives in the DMZ.
  • Sessions can be established from more-trusted to    less-trusted zones.
  • Companies can pass security audits more easily because the    platform enforces compliance with internal and external security policies.

Perimeter security features:

  • Direct communications between external and internal    sessions are prevented by establishing security-rich session    breaks in the DMZ using Secure Sockets Layer (SSL) or    Transport Layer Security (TLS) connections.
  • Users can inspect protocol and sensitive control information and configure error handling if violations are detected.
  • Session limits and data encryption guard against denial-of-service attacks.

Authentication services:

  • Decision makers have access to a customizable logon portal, including self-service password management for trading    partners.
  • Using existing security infrastructure, the Secure Proxy supports single sign-on and integration.
  • Multi-factor authentication enforces tight controls and validation of trading partner identity in the DMZ. This occurs before internal sessions are established to the trusted zone.
  • Users have access to authentication options for IP address, user ID and password, digital certificates, SSH keys and RSA SecurID.


  • One central configuration manager delivers configuration rules to multiple engines running in the DMZ. This facilitates easier scalability.
  • The platform supports high-availability and load-balanced clustered environments for improved business continuity and optimal performance.

A pioneer in EDI and file transfer technologies, IBM offers EDI software for business process automation and integration that fits each business and their individual needs. Effective Data is experienced in the implementation of IBM’s wide range of software products, and you can trust that we can help you choose the option that best suits your needs. Effective Data will implement solutions that allow you to work seamlessly with your trading partners while maximizing efficiencies and cost savings. As an IBM reseller, Effective Data can offer our clients superior service and discounted pricing on future software purchases