Market Issues

Expanding numbers of remote users and the rapid adoption of “the cloud” present IT professionals with an escalating security problem. How can customers and employees safely access web-based applications? Sophisticated threats pop up daily. Security based on certificates from a “Trusted” authority can be compromised. These threats are significant to individual users and the enterprise alike.

VPN and token-based infrastructures are expensive and a challenge to both deploy and maintain. Current products are often cobbled together and bolted-on to address targeted security issues, but they are inefficient, costly, cumbersome and complex to manage. Further, they don't provide a total solution to the fundamental problem, secure connectivity for the mobile workforce.

The risk of doing nothing is no longer an option, because the cost of enduring a security breach or data leak is unacceptable. So how can remote users gain flexibility and continue to collaborate without further increasing an enterprise’s security exposure?

What is needed is a product that is easy to deploy, requires no user intervention, eliminates the need for additional hardware, is HIGHLY secure, and won’t compromise productivity. This type of game-changing, break-through technology is finally available from Security First Corp.

Changing the Game with SPxConnect

SPxConnect software enables a PC, using a standard browser, to establish a unique and secure multi-tunnel web connection. It uses the FIPS 140-2 certified SecureParser ExtendedT (SPx) core. The SPx core is game-changing because it weaves security directly into the data, through encryption and splitting at the bit level prior to multipath transmission.

SPxConnect creates three transmission tunnels. No discernible data travels through any tunnel. Each tunnel requires a certificate from a different Certificate Authority (CA). This “Distributed Trust Model” eliminates Man-in-the-Middle and DNS Spoofing threats. SPxConnect is simple, cost effective Data-in-Motion (DiM) protection.

Better Security and Distributed Trust

Building on the well established TLS protocol, SPxConnect directs all TCP/IP traffic through its software layer, enabling secure, clientless remote access to SPxConnect enabled web-servers. SPxConnect creates three, simultaneous TLS sessions (or tunnels). Using SPx’s cryptographic splitting technology, a layer of security is woven directly into the data, at the bit level, prior to transmission. This application of the game-changing SPx core technology along with SPxConnect’s method of managing the data assures that even if a tunnel is compromised, there is no discernible data to attempt decrypting.

Each tunnel also requires a separate certificate from a different Certificate Authority. Requiring three certificates essentially distributes the Trust. If one certificate is compromised, attempting a man-in-the-middle attack or DNS Spoofing attack (site hijacking) will fail.

SPxConnect uses the existing and well established Public Key Infrastructure (PKI) for certificate transmission and delivery. No key storage or key management is required.

Enabling Business Agility

SPxConnect is deployed at the session layer, enabling a user to have multiple browser connections open and secured with separate and distinct SPxConnect enabled servers. If a session is attempted with a server that is not SPxConnect enabled, the user receives a visual indication that they are not SPxConnect secured, and the session will use the security policy defined by the server. Without having both SPxConnect and the necessary key, the user will not get a response from an SPxConnect enabled server.

SPxConnect can be deployed as a web downloadable application. This enables businesses the flexibility to migrate users incrementally, immediately offering superior protection to anyone enabled, wherever they are. Cloud service providers now also have the ability to easily deploy a secure connection from the cloud, without requiring any new hardware, improving server access control at the same time.

SPxConnect Advantages over VPN

SPxConnect is deployed in Layer 3 of the protocol stack and requires no special hardware. This enables a very flexible solution that is easy to administer. Numerous concurrent connections between an end user and a variety of internet servers can occur without pre-configuration. Users can be anywhere and servers can be distributed throughout an Enterprise at many network sites. This client-server topology is significantly easier to deploy and manage than traditional Layer 2 based connections, like VPNs. The enterprise can lower its TCO and improve agility at the same time.

Summary:

SPxConnect is a complete DiM security product that will significantly reduce the costs of supporting remote PC users. Once enabled, it requires no user intervention to create highly secure PC browser to web server connections. No discernible data ever crosses the connection, eliminating the risk of data loss or data leakage while the session is active. A Distributed Trust Model is used rendering Man-in-the-Middle and DNS Spoofing attacks useless.

SPxConnect delivers the key access capability needed to confidently leverage Cloud solutions and services, requiring no special hardware and provisioning easily over the internet. It completely eliminates the risk of data exploitation and leakage while in flight. This game-changing product is easy to use, cost effective and can be integrated into any IT infrastructure.
Back to top of page >