DataCloak Zero Trust Application Access Gateway (DAAG)

Your Enterprise's First Step towards Zero Trust Architecture

Apply and get all the perks NOW!

DAAG Product Overview

DAAG Product Overview

Typically, an enterprise fails to timely centralize the planning and building of its secure access and control capabilities in response to its booming, leading to ineffective control of internal resources. To take protective measures for building relevant capabilities, the enterprise needs to cope with three challenges at least:

  • Revamping of websites and relevant services are done on a separate basis, indicating high cost and long duration;

  • There is hardly any global control of renovated sites and services with decentralized authorities;

  • The access and auditing of corporate resources are hugely dependent on the logs of all sites and services, indicating the high difficulty of standardization and high cost of connection as a whole.

On the grounds of “never trust, always verify”, DataCloak unveils the DAAG. By placing all intranet users on an equal footing as open network users, we help enterprises implement more cost-effective global identity and access authority management in one step.

Zero Trust architecture has been proven able to address challenges in the new era, including BYOD, telecommuting, secure flow of data, etc. Enterprises see assuring application access and security by DAAG as a crucial step towards Zero Trust architecture.

Product Functions

  • Fine-grained Identity Authentication and Authorization图标

    Fine-grained Identity Authentication and Authorization

    Supports multiple authentication methods and multi-factor authentication (MFA)

    Attribute-based access control (ABAC)

    Device authentication system based on confidential computing

  • Trusted and Secure Endpoint Access图标

    Trusted and Secure Endpoint Access

    Endpoint device authentication and fingerprint recognition

    Endpoint identity authentication and single sign on

    Anomaly detection and continuous validation in the endpoint environment

  • Zero Trust Security Engine图标

    Zero Trust Security Engine

    Zero Trust Security Engine

    AI adaptive policy engine

    Anomaly detection and situation awareness in business access

Product Features

  • Business Integration and Security图标

    Business Integration and Security

    • Hides business systems to make intranet business information unattainable by means such as port scanning
    • Implements SSL uninstalling, HTTPS transparent access, intrusion detection and other security functions as a whole
    • Enables risk control and the establishment of a full range of anomaly detection and response blocking mechanisms based on active defense and sustainable validation technologies
  • Lean Authority Control图标

    Lean Authority Control

    • Adaptive fine-grained active authority policy engine drives the principle of least privilege on a sustainable basis
    • RBAC/ABAC authority model enables efficient management of ultra-large-scale authority data and supports the separation of the three powers as well as of the rights and responsibilities of users and resources
  • Convenience in Operation and Maintenance图标

    Convenience in Operation and Maintenance

    • Business systems can implement the single sign-on (SSO) scheme and access the enterprise's centralized identity authentication management (IAM) system without the need of modification
    • Simplifies operation and maintenance via high-availability and clustered deployment that is based on microservices and supports DevOps, as well as the use of stateless parallel capacity expansion

Customer Value

  • Centralizes

    Centralizes easy company-wide multi-business-system identity authentication and connection as well as business authority management

  • Easy

    Places internal business systems on the Internet and secures access in one step

  • Quick Upgrade

    Upgrades into the Zero Trust security architecture at high speed but low cost

Technical Superiority

  • Trusted Endpoint Control and Channel Encryption图标

    Trusted Endpoint Control and Channel Encryption

    • Mechanisms of continuous authentication by identity, device, and environment: MFA, device-based fingerprint recognition and sustainable check on environmental integrity
    • Unified channel encryption for intranet access: TLS/HTTPS-based channel encryption algorithm, as well as identity-based certification and private key management mechanism
    • Trusted endpoint security mechanism: PKI + Trusted Chain + TPM
  • Zero Trust Adaptive AI Security Engine图标

    Zero Trust Adaptive AI Security Engine

    • Compatible for fine-grained access control by user identity and attribute: fulfills efficient operation management of access authority data in the order of tens of millions
    • Lean access control: fulfills least privilege requirements
    • AI adaptive security engine: supports the driving of lean and least business privilege
  • High Performance, Highly Reliable, and Flexible Deployment图标

    High Performance, Highly Reliable, and Flexible Deployment

    • Low latency and high throughput: compatible for ≥10,000-tiered QPS and 10-GB bandwidth by a single instance
    • Stateless design: supports clustering deployment and horizontal flexible extension
    • Load balancing and fault tolerance: enables automatic anomaly detection and completes switching within seconds, avoiding the risk of single point of failure (SPOF) and supporting level-by-level escape and degradation mechanisms

Product Architecture

DAAG Product Architecture

Find out WHICH solution fits your enterprise

Contact Us
Contact Icon
Contact Us
Contact Us 0755-21616605 contact@datacloak.com.cn Free Trade Center of ShenZhen