IBM Sterling Secure Proxy
For enterprises that process a huge volume of data, keeping transactions and other information secure is of the utmost importance. The increasingly interconnected business environment you occupy is rapidly expanding. That’s why IBM developed the Sterling Secure Proxy: It secures and shields your business information by eliminating direct connectivity between external partners and internal servers.
By intercepting transactions at the edge of your business network, the Sterling Secure Proxy adds a level of authorization so that approved exchanges are redirected to trusted connections within your enterprise. This is known as a defense-in-depth strategy. Because configuration is managed in the trusted zone, your important business files are secured from external entities.
Another important aspect of network and file security is compliance with enterprise security policy. To address this, users can determine multiple levels of governance for comprehensive auditing and detailed audits.
Here are some of the features of the Sterling Secure Proxy platform:
Data exchange proxy software:
- This feature resides in the DMZ to validate connections and help prevent unauthorized access.
- The Secure Proxy is compatible with Sterling Connect:Direct, IBM Sterling B2B Integrator, IBM Sterling File Gateway and IBM Sterling Connect:Express, all of which we can deploy at Effective Data.
- It also supports FTP, FTPS, HTTP, HTTPS, Applicability Statement 2 (AS2), Secure Shell/Secure File Transfer Protocol (SSH/SFTP), Protocol d’Echanges pour un Systeme Interbancaire de Telecompensation (PeSIT) and Sterling Connect:Direct protocols.
Best practices for firewall navigation:
- The Secure Proxy helps prevent inbound holes in the firewall.
- It also reduces rich targets in the DMZ by helping to ensure that files, user credentials and data are not stored on physical drives in the DMZ.
- Sessions can be established from more-trusted to less-trusted zones.
- Companies can pass security audits more easily because the platform enforces compliance with internal and external security policies.
Perimeter security features:
- Direct communications between external and internal sessions are prevented by establishing security-rich session breaks in the DMZ using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connections.
- Users can inspect protocol and sensitive control information and configure error handling if violations are detected.
- Session limits and data encryption guard against denial-of-service attacks.
- Decision makers have access to a customizable logon portal, including self-service password management for trading partners.
- Using existing security infrastructure, the Secure Proxy supports single sign-on and integration.
- Multi-factor authentication enforces tight controls and validation of trading partner identity in the DMZ. This occurs before internal sessions are established to the trusted zone.
- Users have access to authentication options for IP address, user ID and password, digital certificates, SSH keys and RSA SecurID.
- One central configuration manager delivers configuration rules to multiple engines running in the DMZ. This facilitates easier scalability.
- The platform supports high-availability and load-balanced clustered environments for improved business continuity and optimal performance.
A pioneer in EDI and file transfer technologies, IBM offers EDI software for business process automation and integration that fits each business and their individual needs. Effective Data is experienced in the implementation of IBM’s wide range of software products, and you can trust that we can help you choose the option that best suits your needs. Effective Data will implement solutions that allow you to work seamlessly with your trading partners while maximizing efficiencies and cost savings. As an IBM reseller, Effective Data can offer our clients superior service and discounted pricing on future software purchases