The solution for protecting data and configurations against unauthorized access in architectures exposed to the Internet
This feature allows you to protect the internal network against unauthorized access in Spazio Managed File Transfer/Secured architectures that are exposed to the Internet network.
With Spazio DMZ Gateway no data or configurations are stored in the DMZ (Demilitarized Zone). The connection between the internal network and the DMZ is opened only in an incoming direction and is guaranteed through the use of encryption and authentication
All the IP protocols managed by Spazio Managed File Transfer/Secured, such as HTTP, FTP, FTP/S and SFTP can benefit from Spazio DMZ Gateway.
Spazio DMZ Gateway is a solution that can be easily integrated with the existing infrastructure.
The Primeur solution provides robust security features: the files exchanged between parties are treated with encryption, authentication and traceability to prevent data loss or interception.
- External IP address tracking
In the previous release of the DMZ, the originating IP address was “lost” when a connection was made through the DMZ. This was causing concerns with some customer security teams as they needed to know the originating IP address in, for example, the event of an attempted unauthorized access.
This enhancement preserves the original client IP when traversing Spazio DMZ Agent. As a result, Spazio File Governance can now apply the same level of file transfer tracking and flow visibility irrespective of whether the client is directly connected to a Spazio MFT/S protocol server (e.g. an FTP server) or the connection is streamed through a Spazio DMZ Agent in DMZ.
- Active FTP
Primeur’s DMZ implementation uses a SSH tunnel to “traverse” the firewall. The use of Active FTP is not possible when there is an SSH tunnel. Active FTP is not commonly used but, where it is, it is an important protocol and customers are reluctant to force their partners to change to the use of passive FTP.This enhancement provides for active mode FTP both on incoming and outgoing connections. This additional capability allows users to Active FTP connections through the DMZ, extending the benefits of Spazio DMZ Gateway to this less commonly used FTP transfer method.
- Multiple DMZ instances
Multiple/segmented DMZ zones are a commonplace in today’s production environments as they are required to meet tight security and/or administrative constraints. This enhancement to Spazio DMZ allows users to explicitly map an outgoing route through a specific DMZ zone, served by a dedicated Spazio DMZ Agent. This improves both security and quality of service.
- Dynamic Port Binding
The previous versions of Spazio DMZ Gateway required users to specify upfront the passive port range used by 3rd party FTP Servers for data connection when configuring a Spazio Managed File Transfer/Secured FTP client connection in passive mode for outgoing data connections. This meant an administrative overhead because customers needed to know the port range used by the 3rd party server beforehand.This enhancement removes the constraint of Spazio DMZ having to bind on all ports in the range. Port binding now happens dynamically and on demand providing significant benefits in terms of ease of configuration and overall reduced TCP/IP footprint.
|SECURED||IT DOESN’T STORE ON DISC|
|EASY TO USE AND TO IMPLEMENT|