DATACLOAK LOGO
  • Requirement Challenges
  • Solutions
  • Value of Solutions

Difficulties Faced by Enterprises Under the New Trend

With the popularization of cloud technology and the rapid development of enterprise informatization, enterprises often use multiple cloud services or data centers at the same time, and deploy different services on different clouds and data centers. Under this new trend, it is obvious that the traditional VPN architecture can no longer meet the requirements for secure and convenient access to multi-cloud/multi-data center services.

  • Enterprise data faces the risk of loss of control

    Once the VPN client establishes a connection through authentication, users can freely access and download enterprise intranet data, and cannot effectively control secondary distribution; it is difficult for enterprises to perceive terminal risks, increasing the risk of data out of control.

  • Difficult to manage and complicated to operate and maintain

    Due to the limitation of VPN integration architecture, it needs to be deployed in each data center separately, even if a single network policy is added, it needs to be configured repeatedly on multiple VPN systems, which cannot realize unified management and operation and maintenance.

  • Poor user access experience

    Users need to repeatedly switch addresses and re-login to access businesses in different data centers, which affects both efficiency and experience.

  • Duplicate builds add unnecessary costs

    Repeated VPN construction is required in multiple data centers, and as the number of enterprise employees continues to grow, VPN devices can only keep stacking up, adding unnecessary construction costs.

DACS Solution by DataCloak

Adopting standard zero trust SDP architecture, the control plane is separated from the data plane, which can naturally solve the remote security access problem in multiple data center scenarios. The overall solution includes three core components: zero trust security management center, zero trust security gateway, and zero trust client, and each data center only needs to deploy zero trust security gateway for handling data-level proxy and forwarding. Multiple data centers use the same zero trust security management center to provide unified access control policy and realize unified authority control.

  • More flexible zero trust architecture
    • Natural support for cross-regional collaboration office

      Get rid of the traditional definition of security: "The enterprise intranet is secure and the extranet is insecure". SDP extends the enterprise network boundary to the trusted device terminal, the secure workspace is where the device is.

    • Fast deployment and easy expansion

      Fast deployment with only x86 standard virtual machine servers, no special hardware devices required. Supports cross-regional deployment to ensure disaster tolerance and redundancy. At the same time, each module supports parallel expansion and can be flexibly scaled.

  • More secure zero trust terminal
    • Prevent sensitive data leakage

      Real-time dynamic sensing of network access status in the secure workspace, employees cannot privately copy or cut data to their personal desktops. Data is stored encrypted in the secure workspace and locked directly when out of enterprise control.

    • Software defined perimeter Dynamic threat awareness

      DACS monitors the security status of terminals, networks and user behavior at all times, authenticates each access, verifies login in real time, dynamically blocks intrusion and illegal access, and extends security from internal firewalls to terminals.

  • More efficient management
    • Unified management

      One security management center provides unified policy configuration, unified security baseline, and unified authority system for multiple data at the same time.

  • More convenient access experience
    • Simultaneous access to multiple data centers

      One client interfaces with multiple data centers, providing a unified user access experience without switching addresses and repeated logins.

  • More flexible zero trust architecture

    • Natural support for cross-regional collaboration office

      Get rid of the traditional definition of security: "The enterprise intranet is secure and the extranet is insecure". SDP extends the enterprise network boundary to the trusted device terminal, the secure workspace is where the device is.

    • Fast deployment and easy expansion

      Fast deployment with only x86 standard virtual machine servers, no special hardware devices required. Supports cross-regional deployment to ensure disaster tolerance and redundancy. At the same time, each module supports parallel expansion and can be flexibly scaled.

  • More secure zero trust terminal

    • Prevent sensitive data leakage

      Real-time dynamic sensing of network access status in the secure workspace, employees cannot privately copy or cut data to their personal desktops. Data is stored encrypted in the secure workspace and locked directly when out of enterprise control.

    • Software defined perimeter Dynamic threat awareness

      DACS monitors the security status of terminals, networks and user behavior at all times, authenticates each access, verifies login in real time, dynamically blocks intrusion and illegal access, and extends security from internal firewalls to terminals.

  • More efficient management

    • Unified management

      One security management center provides unified policy configuration, unified security baseline, and unified authority system for multiple data at the same time.

  • More convenient access experience

    • Simultaneous access to multiple data centers

      One client interfaces with multiple data centers, providing a unified user access experience without switching addresses and repeated logins.

Value to Enterprises

  • Enhanced security
    • Hide business, reduce exposure surface, natural anti-attack

    • High-strength data transmission encryption guarantees secure transmission in complex Internet environments

    • Sensitive business data is stored in the secure workspace, effectively controlling the secondary distribution of data

    • Continuously perceive risks, dynamically adjust security policies, change the immutable idea of security, and realize dynamic defense

  • Enhanced experience
    • Unified access portal, one login for continuous access, no need to switch repeatedly

    • Same operating experience as native OS, easy to use

  • Lower costs
    • Unified configuration management, low operation and maintenance costs

    • Pure software solution, simple deployment, fast expansion, reduce unnecessary construction costs

Contact Us