In order for a gateway to provide security features, the gateway itself must be secure. Forum Sentry was designed with security in mind, literally. With over 8 years of product refinement, Forum Sentry XML Gateway sets the industry standard for security gateways. Forum Systems is the only company to successfully obtain a FIPS 140-2 level II hardware certification for the entire hardware device and achieve a DoD PKI certification for a secure PKI architecture. These certifications provide our customers with the independent validation that Forum Systems is the leader in hardware security.

Forum Sentry is designed to secure both data in motion and data at rest. Data Security falls into several categories:

• Transaction Privacy
• Transaction Integrity
• Transaction Accountability
• Threat Mitigation

Transaction Privacy

Transaction privacy is necessary on both the transport level for data in motion, and at the message level for data at rest. Forum Sentry provides FIPS certified SSL and TLS termination and initiation for securing the transport layer and ensuring data privacy during transit. Forum Sentry also provides XML and WS-Encryption and Decryption for XML and SOAP data across all OASIS security standards to provide transaction privacy at the message layer.

Transaction Integrity

Transaction Integrity ensures that the data wasn't tampered with and also ensures that the data conforms to the expected structure and content. Forum Sentry performs XML and WS-Signatures and Signature Verification across all OASIS security standards. For message conformance and structure integrity, Sentry provides complex XSD schema validation and schema tightening features.

Transaction Accountability

Transaction Accountability is the means to have a record of the transaction for analysis, accounting, and statistical trending. Accountability is important from a policy enforcement perspective to allow aspects the transactions to be stored for later retrieval. Forum Sentry provides archiving, logging, reporting, and monitoring for both real-time as well as historic analysis of statistics and trends.

Threat Mitigation

Threat Mitigation is essential for protecting internal network components against attack vectors in the XML and SOAP paradigm. Classic network firewalls are not XML aware and can not inspect the content and character of transactions for threat posture. Forum Sentry contains the industrty acclaimed XWall firewall component which is a comprehensive XML firewall that provides XML and SOAP based intrusion detection and prevention rules, rate-based transaction control, pattern recognition, protocol adherence, and structural integrity enforcement.

 

Forum Presidio is designed for FTP transaction security. With over 8 years of successful industry deployments, Presidio has become the seamless plug-and-play solution for FTP security. Forum Presidio policies can manage thousands of user policies and dynamically link credentials to security keys for selective runtime encryption and decryption of FTP data. Deploying the Presidio FTP gateway is transparent to existing FTP clients and provides streaming OpenPGP for unlimited file size encryption and decryption. Presido supports the sFTP and FTPs FTP security protocols.

OpenPGP security features include

• User Key Mapping
• OpenPGP Key Management
• Unlimited File Size Encryption and Decryption
• No Recurring License Fees

User Key Mapping

Forum Presidio can map OpenPGP keys to authenticated users for dynamic encryption of FTP session based on entered credentials

OpenPGP Key Management

Forum Presidio provides a simplified interface for key management, including import, export, and OpenPGP key generation.

Unlimited File Size Encryption and Decryption

Forum Presidio provides one of the industry's only solution for unlimited encryption and decryption for any data of any size. Using the steaming technology of OpenPGP chunk-encoding encryption, Forum Presidio eliminates the barries imposed by traditional OpenPGP solution for memory and disk space and provides unlimited file size security transfers.

No Recurring License Fees

Forum Presidio eliminates the need to pay for licensing and royalty fees for an OpenPGP encryption solution.