Public Cloud Protection
Secure and Direct Communication With Resources in the Public Cloud
The "public cloud" generally refers to resources that are freely accessible on the Internet. However, since these services are used for the company's purposes and usually also contain company data, access control is essential at this point from a security point of view.
To gain access to the cloud resources, the user first authenticates himself at the macmon SDP controller. Depending on requirements and policy, valid authentication of the agent on the end device can also be required, so that the use of certain devices or at least a certain level of security can be enforced even for publicly accessible services. If authentication is successful - and only then - services can be accessed in the public cloud. Access to these resources can take place both through an encrypted tunnel via a macmon SDP gateway and directly via the Internet.
Using the Identity Access Management function of macmon SDP, the control of access is controlled and at the same time single sign-on is enabled via standards such as SAML and OpenID as well as other technologies. Since the communication takes place exclusively via the client browser, no connection between the macmon SDP cloud service and your internal systems is necessary, so that single sign-on is not only available for cloud applications, but also for your internal resources without hesitation!
macmon SDP offers federation services via both SAML and OpenID and thus also functions as an identity access management solution. Since all communication takes place via the client browser, no connection between the cloud service and your internal systems is necessary. This means single sign-on is not only available for cloud applications, but also for your internal resources!
Advantages of macmon SDP
- Individual policies can be defined at user level and device level
- Minimal maintenance and low operating costs thanks to SaaS
- Includes Cloud Identity Provider / Identity Access Management (IAM)
- Prevention of „account hijacking“
- Seamless integration of cloud resources and reduced traffic
- Highly scalable for any number of users
- Global availability
- Hosted in Germany & GDPR compliant & german support
- Data center certified to ISO 27001
- Supporting Zero Trust with NAC for over 15 years