DAAG Product Overview

Typically, an enterprise fails to timely centralize the planning and building of its secure access and control capabilities in response to its booming, leading to ineffective control of internal resources. To take protective measures for building relevant capabilities, the enterprise needs to cope with three challenges at least:
Revamping of websites and relevant services are done on a separate basis, indicating high cost and long duration;
There is hardly any global control of renovated sites and services with decentralized authorities;
The access and auditing of corporate resources are hugely dependent on the logs of all sites and services, indicating the high difficulty of standardization and high cost of connection as a whole.
On the grounds of “never trust, always verify”, DataCloak unveils the DAAG. By placing all intranet users on an equal footing as open network users, we help enterprises implement more cost-effective global identity and access authority management in one step.
Zero Trust architecture has been proven able to address challenges in the new era, including BYOD, telecommuting, secure flow of data, etc. Enterprises see assuring application access and security by DAAG as a crucial step towards Zero Trust architecture.
Product Functions
Fine-grained Identity Authentication and Authorization
Supports multiple authentication methods and multi-factor authentication (MFA)
Attribute-based access control (ABAC)
Device authentication system based on confidential computing
Trusted and Secure Endpoint Access
Endpoint device authentication and fingerprint recognition
Endpoint identity authentication and single sign on
Anomaly detection and continuous validation in the endpoint environment
Zero Trust Security Engine
Zero Trust Security Engine
AI adaptive policy engine
Anomaly detection and situation awareness in business access
Product Features
Business Integration and Security
- Hides business systems to make intranet business information unattainable by means such as port scanning
- Implements SSL uninstalling, HTTPS transparent access, intrusion detection and other security functions as a whole
- Enables risk control and the establishment of a full range of anomaly detection and response blocking mechanisms based on active defense and sustainable validation technologies
Lean Authority Control
- Adaptive fine-grained active authority policy engine drives the principle of least privilege on a sustainable basis
- RBAC/ABAC authority model enables efficient management of ultra-large-scale authority data and supports the separation of the three powers as well as of the rights and responsibilities of users and resources
Convenience in Operation and Maintenance
- Business systems can implement the single sign-on (SSO) scheme and access the enterprise's centralized identity authentication management (IAM) system without the need of modification
- Simplifies operation and maintenance via high-availability and clustered deployment that is based on microservices and supports DevOps, as well as the use of stateless parallel capacity expansion
Customer Value
Centralizes easy company-wide multi-business-system identity authentication and connection as well as business authority management
Places internal business systems on the Internet and secures access in one step
Upgrades into the Zero Trust security architecture at high speed but low cost
Technical Superiority
Trusted Endpoint Control and Channel Encryption
- Mechanisms of continuous authentication by identity, device, and environment: MFA, device-based fingerprint recognition and sustainable check on environmental integrity
- Unified channel encryption for intranet access: TLS/HTTPS-based channel encryption algorithm, as well as identity-based certification and private key management mechanism
- Trusted endpoint security mechanism: PKI + Trusted Chain + TPM
Zero Trust Adaptive AI Security Engine
- Compatible for fine-grained access control by user identity and attribute: fulfills efficient operation management of access authority data in the order of tens of millions
- Lean access control: fulfills least privilege requirements
- AI adaptive security engine: supports the driving of lean and least business privilege
High Performance, Highly Reliable, and Flexible Deployment
- Low latency and high throughput: compatible for ≥10,000-tiered QPS and 10-GB bandwidth by a single instance
- Stateless design: supports clustering deployment and horizontal flexible extension
- Load balancing and fault tolerance: enables automatic anomaly detection and completes switching within seconds, avoiding the risk of single point of failure (SPOF) and supporting level-by-level escape and degradation mechanisms