Advanced edge security for your inbound and outbound multi-enterprise data exchanges
Is your B2B vendor driving up costs?
Now might be a good time to upgrade to IBM Sterling software with flexible and affordable pricing including perpetual or subscription licensing options.​
Secure partner access to your internal servers
IBM Sterling Secure Proxy provides a crucial DMZ-based security layer at the network edge, preventing directexternal access to internal servers to ensure trusted B2B and MFT exchanges.
By employing multifactor authentication, SSL session breaks, and protocol inspection, it secures network and data while in-flight anti-virus and data loss prevention actively neutralize malware and prevent unauthorized data outflow,safeguarding sensitive organizational information.
Provides firewall navigation best practices to help ensure perimeter security for enhanced protection of your data and trusted zone.
Offers multifactor authentication before connection to backend systems, for tighter controls and validation.
Includes proxy support and functions to improve security of edge-based file exchanges.
Provides advanced routing to simplify infrastructure changes, saving time and reducing risk during migrations.
IBM Sterling Secure Proxy certified containers are enterprise-grade, security-hardened product editions with integrated common software services for consistent deployment lifecycle management. The scalable containers include easy iinstallation and configuration options, and upgrade and roll-back management.
Provides a secure intermediary, a standalone server, as the demilitarized zone (DMZ). This is a sterile holding area until the partner is successfully validated. Then a separate session is established from the DMZ to the trusted zone.
Minimizes rich targets in the DMZ by ensuring that files, user credentials and data are never stored on physical drives in the DMZ. Removes requirement for inbound holes in the firewall.
Prevents direct communications between external and internal sessions by establishing secure session breaks in the DMZ using SSL or TLS encryption.
Provides authentication options, including IP address, user ID and password, digital certificates, SSH keys and RSA SecurID.
Provides support for ICAP supported virus scanning engines to ensure files are scanned for malwares before it lands on the secure zone.
Editions
This edition provides reverse proxy functionality that is concurrent with Sterling Secure Proxy for routing and securing inbound traffic. For Sterling Connect: Direct users, the Inbound Edition also continues to support outbound file transfers using the Connect: Direct protocol via Secure Proxy. Current clients of Sterling Secure Proxy are not impacted by renaming to Sterling Secure Proxy Inbound Edition.
This edition provides forward proxy functionality that supports routing and securing of outbound traffic. Only outbound file transfers using the SFTP protocol are supported. Current clients of Sterling Secure Proxy can purchase this edition to gain access to forward proxy functionality and Data Loss Prevention scanning.
This edition has all the features of Sterling Secure Proxy Inbound Edition and Sterling Secure Proxy Outbound Edition. Clients with entitlement to either the Inbound or Outbound edition can trade up to the Premium edition and thereby obtain functionality that supports routing and securing of both inbound and outbound traffic.
Features
| IBM Sterling Secure Proxy Features | Inbound Edition | Outbound Edition | Premium Edition |
| Supported Incoming Protocols | CD, SFTP, HTTP, FTP/S | - | CD, SFTP, HTTP, FTP/S |
| Supported Outbound Protocols | Connect Direct | SFTP | CD & SFTP |
| Session Break at DMZ | Yes | Yes | Yes |
| User-Specific/Dynamic Routing of Requests | Yes | Yes | Yes |
| User ID and Password-Based Authentication | Yes | Yes | Yes |
| REST APIs for SSP Config Manager | Yes | Yes | Yes |
| CRL Checking | Yes | Not required for SFTP | Yes |
| User ID / IP Block listing / Allow listing | Yes | Allowed Ips/User IDs stored in SEAS | Yes |
| Virus Scanning of Incoming Files | Yes | - | Yes |
| HSM Support | - | - | Yes |
| Data Loss Prevention scanning of files | - | Yes | Yes |
Resources
Move over 1 million files per day with a fast, scalable, market-leading file transfer platform.
Understanding the subtle differences between B2Bi and MFT is the key to achieving operational efficiency and future-proofing against emerging threats and evolving demands.
With rapid rise in the volume of file transfers, you need advanced edge security to protect your multi-enterprise data exchanges.