Home Business automation Sterling Sterling Secure File Transfer Sterling Secure Proxy IBM Sterling Secure Proxy
Advanced edge security for your inbound and outbound multi-enterprise data exchanges
A woman working on a desktop computer
Secure partner access to your internal servers

IBM Sterling Secure Proxy helps shield your trusted network by preventing direct connectivity between external partners and internal servers. It can secure your network and data exchanges at the network edge to enable trusted business-to-business transactions and managed file transfer (MFT) file exchanges. As a demilitarized zone (DMZ)-based proxy, Secure Proxy uses multifactor authentication, SSL session breaks, closing of inbound firewall holes, protocol inspection and other controls to ensure the security of your trusted zone.

Benefits of IBM Sterling Secure Proxy
Data protection

Provides firewall navigation best practices to help ensure perimeter security for enhanced protection of your data and trusted zone.

Full authentication services

Offers multifactor authentication before connection to backend systems, for tighter controls and validation.

Advanced proxy features

Includes proxy support and functions to improve security of edge-based file exchanges.

Dynamic routing

Provides advanced routing to simplify infrastructure changes, saving time and reducing risk during migrations.

In-Flight Virus Scanning

Provides support for ICAP supported Virus Scanning engines to ensure files are scanned for malwares before it lands on the secure zone.

Multifactor Authentication

Offers support for SAML integration with external identity providers to enable Multi  Authentication for external user logins.

Certified containers

IBM Sterling Secure Proxy certified containers are enterprise-grade, security-hardened product editions with integrated common software services for consistent deployment lifecycle management. The scalable containers include easy iinstallation and configuration options, and upgrade and roll-back management.

Demilitarized zone application proxy

Provides a secure intermediary, a standalone server, as the demilitarized zone (DMZ). This is a sterile holding area until the partner is successfully validated. Then a separate session is established from the DMZ to the trusted zone.

Firewall navigation best practices

Minimizes rich targets in the DMZ by ensuring that files, user credentials and data are never stored on physical drives in the DMZ. Removes requirement for inbound holes in the firewall.

Perimeter security

Prevents direct communications between external and internal sessions by establishing secure session breaks in the DMZ using SSL or TLS encryption.

Multifactor authentication

Provides authentication options, including IP address, user ID and password, digital certificates, SSH keys and RSA SecurID.


IBM Sterling Secure Proxy Features 

Inbound Edition

Outbound Edition

Premium Edition

Supported Incoming Protocols



Supported Outbound Protocols

Connect Direct



Session Break at DMZ

User-Specific/Dynamic Routing of Requests

User ID and Password-Based Authentication

REST APIs for SSP Config Manager

CRL Checking

Not required for SFTP

User ID / IP Block listing / Allow listing

Allowed Ips/User IDs stored in SEAS

Virus Scanning of Incoming Files

HSM Support

Inbound Edition

This edition provides reverse proxy functionality that is concurrent with Sterling Secure Proxy for routing and securing inbound traffic. For Sterling Connect: Direct users, the Inbound Edition also continues to support outbound file transfers using the Connect: Direct protocol via Secure Proxy. Current clients of Sterling Secure Proxy are not impacted by renaming to Sterling Secure Proxy Inbound Edition.

Outbound Edition

This edition provides forward proxy functionality that supports routing and securing of outbound traffic. Only outbound file transfers using the SFTP protocol are supported. Current clients of Sterling Secure Proxy can purchase this edition to gain access to forward proxy functionality.

Premium Edition

This edition has all the features of Sterling Secure Proxy Inbound Edition and Sterling Secure Proxy Outbound Edition. Clients with entitlement to either the Inbound or Outbound edition can trade up to the Premium edition and thereby obtain functionality that supports routing and securing of both inbound and outbound traffic.

Resources IBM Sterling Secure File Transfer

Move over 1 million files per day with a fast, scalable, market-leading file transfer platform.

Implement a zero trust strategy for your file transfers

Learn how a zero trust approach can help protect your data and reduce the possibility for ransomware or malware to travel laterally.

Safeguard your B2B transactions and file exchanges

Learn 3 steps to help protect your B2B transactions and file exchanges from security threats.

Audiogram: Enable secure and high-speed data movement

With rapid rise in the volume of file transfers, you need advanced edge security to protect your multi-enterprise data exchanges.

Our information security team is a big fan of the validation and authentication capabilities in Secure Proxy. Brenda Gillespie Senior Systems Analyst Western Union Read the client story
Expert resources to help you succeed
Product documentation

Find answers quickly in IBM product documentation.


Get technical tips and insights from others who use this product.