The Access Shield solution was developed using the Software Defined Perimeter (SDP) concept, which is designed to provide on-demand, dynamically provisioned secure network segmentation for user access.
The Access Shield solution protects environments against the main threats (such as network attacks, identity theft, malicious code exploitation, DDoS and others) by reducing the attack surface, hiding the infrastructure resources and applying the least privilege principle to the entire environment.
All users and devices attempting to start a connection are validated before connecting, ensuring that resources are accessible only to authenticated and authorized devices and users. All communications are performed over secure tunnels, including during the authentication process and while accessing the resource.
The solution architecture is formed by three components:
* Controller, responsible for authenticating and validating each user and device
* Gateways, in front of protected resources, which are responsible for establishing a secure tunnel
* Client, on each device, to start a connection