- Company (that provides the nominated product / solution / service): Forum Systems
- Website: http://www.forumsys.com
- Company size (employees): 10 - 49
- Product Version Number: N/A
- Type of solution: Hybrid
- Year this product or service was first introduced to the market: 2002
- Year the current version of this product or service has been released: 2016
- Approximate number of users worldwide: More than 100 million users worldwide
In 3 bullets, summarize why this product or service deserves recognition:
• Leading Technology – The Forum Sentry API Security Gateway is the industry’s only NIST FIPS 140-2 Level 2 and NIAP Network Device Protection Profile certified API security gateway. Featuring industry-first, patented cryptographic acceleration of security processing, Forum Sentry serves as an information broker deployed as a logical API protecting data, applications and services. Architected on “security-first” design principles, Forum Sentry precludes clients from directly accessing data, application and services tiers by exposing APIs that are protected by privileged access management policies. This enables repeatable privileged access management solutions, as well as seamless deployments with minimal disruption to existing systems and architectures.
• Customer Traction – Forum Systems has been the security foundation in global network architectures for more than 15 years. In fact, current Forum Sentry-based privileged access management solution deployments include U.S. federal agencies, foreign governments/agencies, and global enterprises in the financial services, energy, telecommunications, healthcare and transportation industries.
• Demonstrable Results – Solving privileged access management with the Forum Sentry API Security Gateway provides significant cost savings over alternative approaches or technologies. Synovus Financial CTO Santosh Kokate explains this from his experience deploying a privileged access management solution for online mobile banking using the Forum Sentry API Security Gateway: “Our yearly recurring licensing fees for the existing agent-based IAM solution were accumulating to a million dollars each year. In addition, development costs to support that solution were also growing with every new application and service. By deploying Forum Sentry and replacing the existing solution, we were able to simplify the complexity of our architecture, move to an agentless model for IAM, identity federation and SSO, and furthermore save $1.5M in development costs, support and licensing.”
In less than 300 words, summarize the most important features and benefits of this product or service
Privileged access management as a solution has expanded dramatically in scope driven by the evolution of mobility, cloud computing and APIs. Controlling access to information, systems and data are the cornerstones of effective privileged access management. However, our modern computing era requires a technology solution purpose-built to seamlessly and securely bridge the expanding diversity in technologies, systems, data formats and protocols. And an API security gateway has become a fundamental architectural component to solve these modern privileged access management requirements.
Processing and securing more than 10 billion transactions per day worldwide, the Forum Sentry API Security Gateway protects and accelerates data exchange and API service access across networks and business boundaries, significantly reducing the cost and complexity of centralizing security, identity and governance. Forum Sentry is a certified-secure product that combines identity access control with data security through policy-driven rules and dynamic assessment of data flows. This solution-based approach to privileged access management allows unified data protection across disparate clients and users accessing data from both modern and legacy systems.
Several solution areas converge within the gateway architecture, which provides a modern and secure approach to privileged access management; notably, the Forum Sentry API Security Gateway delivers all of the following key capabilities:
• Bi-directional data enforcement (request and response)
• Data security (conformance, encryption, signatures)
• Multifactor authentication (multicontext authentication)
• Identity access control (SSO, Federation)
• Role-based access control (RBAC and access-based access control [ABAC])
• Threat mitigation (virus detection, DoS protection)