DataExpress Secure Gateway’s (DXSG) primary role is to mitigate risk to a host application server file transfer environment. A DataExpress feature, Secure Gateway deploys as a DMZ (De-Militarized Zone) point-of-presence, isolating both DataExpress and the host application server from the internet.
Traditional DataExpress implementations expose the entire host platform to public-facing internet hazards. To affect access and some control, installations drill holes and limit port assignments via firewalls and routers. This practice does not fully address the potential risk and severely limits protocol selection and interaction with outside partners.
Secure Gateway is a single DataExpress host server with one or more Secure Gateway instances associated with it. The DataExpress host server retains all monitoring, administration, operations, and control over the DataExpress infrastructure and operation. All files processed by DataExpress are stored and maintained by the DataExpress host server on its native infrastructure.
| Supported Protocols |
| Inbound: |
Outbound: |
- FTP
- FTPS (implicit / explicit)
- SFTP
- HTTP
- HTTPS
- WebDAV
- WebDAV(SSL)
- AS2/3
|
- FTP
- FTPS (implicit / explicit)
- SFTP
- AS2/3
|
| Secure Gateway Execution Environment |
High Availability |
- May be implemented to either Windows Server or Linux platforms.
- Secure Gateway is available for DataExpress Integrity NonStop, DataExpress for NonStop (non Integrity) and DataExpress Open.
|
- Multiple Secure Gateways may be deployed.
- Under High Availability, should a single Secure Gateway instance fail, another Secure Gateway instance will take over all activity.
|
| Security |
Risk Reduction |
Configuration |
- Provides additional security for DataExpress by shielding it from the internet for IP-based communications.
- Files reside within the secure confines of the enterprise
- Files do not require inbound or outbound files to be staged to edge FTP or application servers where data could be at risk.
|
- Secure Gateway instances function as proxy servers and inline protocol converters
- Data files are streamed securely to and from the DataExpress core server.
- All internet-based traffic is restricted to communication with Secure Gateway.
- The DataExpress core server, database and data storage facilities remain safely protected inside your internal network.
- Communication channels between the Secure Gateways and the DataExpress core server can be configured for software encryption.
- All configuration, user authentication, monitoring and control are performed via the DataExpress core server
|
- Configuration is via a graphical interface
- Few changes to DataExpress are required to implement Secure Gateway.
|
|
DataExpress is an enterprise level software; please provide us with the following information to allow us to refine our response:
|
|