The zone on your network where all external connections terminate is called the demilitarized zone (DMZ). The DMZ is the external touch point for your core business applications, business data, and file transfers. And since it is the touch point for the outside world, hackers will attempt to sabotage network security by attacking in this zone, so the servers that reside here need to know who is who, how to authenticate, and when to grant access.
Sounds obvious. But what about the data that moves through these touch points? Where does it reside? How can services in the DMZ protect the data that powers your business?
If data security and regulatory compliance are important to your organization, you need to expertly manage these capabilities with robust DMZ security. Axway’s edge solutions –SecureTransport Edge and Secure Relay – protect your data, your customers and your networks while enabling critical Managed File Transfer services between approved parties.
Axway Edge (for SecureTransport) and Axway Secure Relay (for Axway Interchange and Axway Gateway), prevent storage of sensitive information in the DMZ, adding another layer of security to data as it flows into your enterprise from the Internet and out of your enterprise through your firewall. By deploying Axway Secure Relay or Axway Edge in the DMZ, enterprises can deploy any Axway MFT gateway behind their internal firewall in a protected network, securing TCP/IP connections coming from the Internet to the gateway, and vice versa.
Using Axway Edge, you can create a multi-tier file exchange infrastructure with multi-protocol managed file transfer, SSL termination, and back-end authorization that streams data across the DMZ to SecureTransport. You can deploy multiple Edge gateways in the DMZ for load balancing and performance optimization. And Axway Edge safeguards compliance with SOX, GLBA, HIPAA, and other corporate, industry, and government mandates governing the security and privacy of sensitive information.
Deployed with Axway Interchange and Axway Gateway, Secure Relay supports Active-Active clustering environments and is available for all TCP/IP connection types and protocols, including FTP. With Secure Relay, all TCP sessions are outbound, allowing bi-directional real time data flow with no data storage in the DMZ. Secure Relay receives all configuration setup directly from Axway Gateway, and all file transfer dialog (protocol, authentication, etc.) is handled by the gateway, avoiding any permanent or temporary storage of critical info in the DMZ, including files, configuration information (such as keys and certificates), and critical back-end processing (such as digital signing or envelope decryption).