SAIFE - Home

Today’s Challenge

The concept of an enterprise security perimeter is no longer valid. Cloud migration, BYOD, and third-party access have extended the perimeter to wherever your intended users are and to whichever internet connected devices they’re using. Be it desktops, laptops, tablets, smartphones, and even IoT devices, your perimeter is more porous than ever – and your traditional perimeter-centric defenses aren’t protecting it.

A Model for Today’s Agile Perimeter

SAIFE^® has adapted a Software Defined Perimeter approach to create a new model that defines access by the user, their device, and where they are located. Access is established to only those data or applications that they are entitled to access – enforcing agile perimeters in real-time. The entire path from user to application, device to service is secured. SAIFE’s dynamic perimeter overlay (DPO) network creates secure tunnels through the Internet in which the privacy and integrity of all traffic is assured inside a micro-perimeter. Trusted routing is assured for any endpoint, across any network, regardless of infrastructure and eliminates the requirements of mandatory hardware that traditional approaches require.

Reducing the Attack Surface

Conventional perimeter security solutions restrict access to services and data and require hardware. Certain users may not be authorized to access specific services, but those services still exist on the network, and the safeguards that protect them are visible and may be vulnerable.

With SAIFE, endpoints are hidden behind all-inbound-filtering firewalls; they remain invisible on the Internet, never addressing one another, only receiving already-authenticated dynamic perimeter overlay traffic. An anonymous attacker is unable to scan or attack services on the network because they don’t know they exist there and their packets are not inside the micro-perimeter. You Can’t Hack What You Can’t See.

Collaboration On Demand

Security constraints and highly-customized infrastructures are the enemy of collaboration. When Communities of Interest (COI) need to be established to enable individuals from different organizations to collaborate, it’s challenging to grant selective access to applications and data.

SAIFE enables secure computing enclaves of disparate network connected participants to be created, modified, and dismantled easily and instantly using a point-and-click dashboard.

Fully Automated Key and Certificate Management

PKI is complex. It’s hard to implement. PKI is expensive to maintain. SAIFE supports centralized key management that automatically generates, shares, and destroys keys and certificates. Endpoints can be securely provisioned from inside your LAN or from across the Internet.

All key management operations are performed invisibly from behind point-and-click interfaces providing all the benefits of certificates and PKI with none of the headaches.

The Emerging Software Defined Perimeter

A Software Defined Perimeter overcomes the constraints of traditional tools by effectively creating a dynamic, individualized micro-perimeter for each user based on attributes such as identity, device profile, location, and authentication method. A Software Defined Perimeter approach ensures that all endpoints attempting to access a given resource are authenticated and authorized prior to accessing any resources on the network. All unauthorized network resources are made inaccessible, reducing the attack surface, by hiding network resources from unauthorized or unauthenticated users or assets.

Reigning in the Attack Surface

Undiscoverable network resources make bad targets. When endpoints and services are invisible on the Internet or the internal network, they can’t be scanned, they can’t be attacked.

Easy to Use, Easy to Implement

Simple, easy-to-use, point-and-click dashboards with automated and centralized key management for rapid provisioning of users and managing their communities of interest. Reduces administrative, management overhead while improving security dramatically.

Significantly Improve Security

SAIFE lowers the chances of successful network-based attacks such as denial-of-service attacks, man-in-the-middle attacks, server vulnerabilities and lateral movement.

Scalable, Distributed, and Dynamic

Provision access to services both in the cloud and on premise from inside your network or from across the Internet. Instantly control access to assets from any location, at any time and enable a flexible perimeter that automatically wraps around your changing assets.

Integrated with Identity Management

Authenticates users against multiple identity management systems, including Active Directory, SAML, and third-party identity and access management systems to automate provisioning.

Flexible Deployment Options

SAIFE’s flexible deployment model suits any architecture. Deploy SAIFE in public or private clouds, on premise, or via our secure SaaS-based multi-tenant environment.