Header Image

CloudConnect Gateway

Simplify Single Sign-On & Integration to SaaS

 

The Layer 7 CloudConnect Gateway is an API Gateway with enhanced cloud adapters for simplified integration and orchestration with the cloud. The CloudConnect API Gateway allows organizations to securely consume SaaS and cloud-based services by providing not only secure Single Sign-On (SSO) but also secure data and application integration.

The CloudConnect API Gateway acts as an on-premise control point for managing how internal users and application assets are connected to outside SaaS services. By defining integration and security policies in the CloudConnect Gateway, enterprises can:

  • Implement fine-grained access control over which resources/users can interact with which SaaS applications
  • Manage API-level data and application mapping 

As a result, enterprises can govern how they consume SaaS applications while making those resources feel and operate like extended parts of the internal enterprise.

The CloudConnect Gateway simplifies cloud access by providing:

  • A central point for managing SSO to cloud services using enterprise IAM
  • Data mapping tools for easier data synchronization
  • Pre-made connectivity adapters for popular cloud services like Salesforce
  • A flexible API adapter for engineering access to any cloud service
  • Multi-cloud orchestration and brokering capabilities
  • Centralized cloud API usage tracking 
 

Data Sheet

Case Study

CloudConnect Gateway

Download the data sheet >>

Salesforce Integration

Read the case study >>

 

Create Single Sign On for SaaS applications – utilizes existing enterprise directory and LDAP resources to log users and machines into SaaS applications, thereby creating a single point of maintenance for all users/machine ids across the extended enterprise, while eliminating potential security breaches that arise when employees leaving a company are removed from the enterprise IAM system but retain their SaaS login due to oversight.

Secure SaaS application integration – securely integrate enterprise applications and SaaS applications using Web services in order to ensure that internal/SaaS systems are always up to date.

Track SaaS Usage – knowing who in your organization is using SaaS applications how often can help you ensure compliance with industry and government regulations, as well as help optimize SaaS licensing.

Hardware

 

 Chassis

 1U standard rack mount

 Processor

 Dual Intel Xeon E5-2640 2.5GHz CPU

 Cryptography

 - Optional onboard HSM and support for external HSMs

 - FIPS 140-2 support in both hardware and software

 Ports

 4 x Gigabit Network Cards

 Memory

 32GB RAM

 Storage

 Mirrored, hot-swappable 300GB drives

 Power

 Dual redundant, hot-swappable; 600 watts

 Performance

 Able to handle more than 10,000 requests per second

 

Software

 

 Operating Systems

 - Solaris 10

 - SUSE Linux

 - Red Hat Linux 5.0

 

Virtual Appliance

 

 Server

 ESX (VMware Ready certified)

  • XML
  • SOAP
  • AJAX
  • XPath
  • XSLT
  • WSDL
  • XML Schema
  • LDAP
  • SAML
  • PKCS
  • X.509 Certificates
  • FIPS 140
  • Kerberos
  • W3C XML Signature
  • W3C XML Encryption
  • SSL/TLS
  • SNMP
  • SMTP
  • POP3
  • IMAP4
  • HTTP/HTTPS
  • WCF
  • JMS
  • MQ Series
  • REST
  • Tibco EMS
  • FTP
  • WS-Security
  • WS-Trust
  • WS-Federation
  • WS-Addressing
  • WSSecureConversation
  • WS-MetadataExchange
  • WS-Policy
  • WS-SecurityPolicy
  • WS-PolicyAttachment
  • WS-SecureExchange
  • WSIL
  • WS-I
  • WS-I BSP
  • UDDI
  • WSRR
  • MTOM
  • IPv6

 

Identity and Message Level Security
Identity-based access to services and operations
  • Integration with leading identity, access, SSO and federation systems from Oracle, Sun, Microsoft, CA, IBM Tivoli, Novell
  • Onboard identity store for administering identities and staging new services
Manage security for cross-domain and B2B relationships
  • Credential chaining, credential remapping and support for federated identity
  • Integrated SAML STS issuer featuring comprehensive support for SAML 1.1/2.0 authentication, authorization and attribute based policies
  • Integrated PKI CA for automated deployment and management of client-side certificates, and integrated RA for external CAs
Cryptography
  • Optional onboard HSM, as well as support for external HSMs (i.e., SafeNet Luna)
  • Support for elliptic curve cryptography (conforms to NSA’s Suite B algorithms)
  • FIPS 140-2 support in both hardware (Level 3) and software (Level 1)
Web SSO
  • Support for Web browser STS, facilitating single sign on for users logging into SaaS/cloud applications
XML Threat Protection
Filter XML content for SOA, Web 2.0 and Cloud
  • Configurable validation & filtering of HTTP headers, parameters and form data
  • Detection of classified or “dirty” words or arbitrary signatures with subsequent scrubbing, rejection or redaction of messages
  • Support for XML, SOAP, POX, AJAX, REST and other XML-based services
Prevent XML attack and intrusion
  • Protect against XML parsing; XDoS and OS attacks; SQL and malicious scripting language injection attacks; external entity attacks
  • Protection against XML content tampering and viruses in SOAP attachments
Logging & Reporting
Services Reporting
  • Configurable, out-of-the-box reports provide insight into SSG operations, service-level performance, and user experience
Customer Mapping
  • Report on service performance, policy violations and SLA conformance based on specific customers, composites (i.e., processes and transactions using a service) or clients to build a profile of actual enterprise/cloud user experience
Audit and Logging
  • Log message-level transaction information
  • Spool log data to off-board data stores and management systems