Comprehensive “Federation-in-a Box” Solution Offers Scalable, Code-free, Agentless Approach to SSO
BOSTON, August 31, 2016 – Forum Systems Inc. today announced industry-first multicontext authentication capabilities to its flagship Forum Sentry API Gateway that enable enterprises and government organizations to achieve simple, secure Identity Federation and Single Sign-On (SSO) while seamlessly integrating with existing infrastructures. With its agentless, no-code, “Federation-in-a Box” platform, the company once again advances the state-of-the-art in API Security Management.
According to top analyst firm KuppingerCole’s Executive View, Senior Analyst Matthias Reinwarth states that “the ongoing de-perimeterization of enterprise networks moves the user identity into the center of today’s security approaches.” Based on these dynamics, he advises that “an appropriate management of both enterprise and external identities as the basis for modern security architectures is required.” Notably, Reinwarth recognizes that these essential capabilities are “fully reflected within the design and functionality of the Forum Systems product design.”
“Federation-in-a Box” Delivers Enterprise SSO Out-of-the-Box
Designed to consume the spectrum of identity and message formats while leveraging investments in legacy infrastructure, Forum Sentry is the world’s only complete “Federation-in-a Box” solution. Natively integrating with, augmenting and unifying any identity provider and repository, Forum Sentry simplifies Identity Federation and SSO through the power of a point-and-click policy engine.
Notably, Forum Sentry’s unprecedented multicontext authentication within encrypted and encoded payload capabilities represents the next generation of multifactor authentication. By combining authentication information in correlation with information within the request and/or response, the product provides essential context critical to validating user behavior with exchanged information. Completing the trust model with multicontext analysis of the user and the data, Forum Sentry delivers true, secure Federated Identity and SSO.
In addition to multicontext authentication, Forum Sentry’s new features include:
- Dynamic user behavior anomaly detection
- Correlated identity-based response breach prevention
- Extensible format conversion engine for “any-to-any” token mediation
- Inline Kerberos to SAML 2.0 SSO
- Native SSO integration to SharePoint
In profiling Forum Systems, Reinwarth lauds Forum Sentry’s “substantial set of functionalities aimed at the secure implementation of identity federation.” Praising its “inherent security architecture,” he highlights that Forum Sentry’s “processing of identities and tokens is executed within the protected and certified security container without a possibility of compromising the identity data during its lifecycle or the individual identity repositories.”
Further, Reinwarth emphasizes Forum Systems’ “‘configuration instead of coding’ paradigm together with the appliance approach typically allows for a fast initial deployment with immediate results and minimal impact to existing systems.” And he notes with Forum Systems’ “truly integrative approach towards managing identities,” that “SSO and security can be strategically implemented without the need for agents being installed on target systems.”
“Our yearly recurring licensing fees for the existing agent-based IAM solution were accumulating to a million dollars each year. In addition, development costs to support that solution were also growing with every new application and service.” said Santosh Kakote, CTO, of Synovus “By deploying Forum Sentry and replacing the existing solution, we were able to simplify the complexity of our architecture, move to an agentless model for IAM, identity federation, and SSO, and furthermore save $1.5M in development costs, support and licensing.”
“Security by design, code-free, scalable, agentless. These engineering principles have driven the evolution of Forum Sentry, which has served as the security foundation in government and enterprise architectures worldwide for more than 15 years,” said Mamoon Yunus, CEO of Forum Systems. “Identity management solutions merely establish trust without validating and enforcing expected user behavior. They often rely on inadequate hand-coded, open-source security technologies and heavyweight agents that are complex, costly and burdensome to maintain. These are not the ingredients for federating identities; they are the recipe for ‘rip and replace’ technology cycles and data security disaster. Offering an extensible, future-proof approach, Forum Sentry integrates security with identity processing for cost-effective identity and information assurance.”
The only NIST FIPS 140-2 and NIAP Network Device Protection Profile (NDPP) certified technology, Forum Sentry secures identity, identity repositories and accompanying user information at network boundaries. The award-winning API Gateway supports and enforces multifactor authentication including content-based access control, role-based access control and attribute-based access control.
Serving as an information broker deployed as a logical API protecting applications and services, Forum Sentry precludes clients from directly accessing application and services tiers. This unmatched level of security prevents identity compromise and enables SSO authentication and session management achievement – all without required code changes or manipulation to backend systems.
About Forum Systems
Forum Systems, a wholly owned subsidiary of Crosscheck Networks, Inc., is the leader in API Security Management. Providing centralized security, identity and governance for SOA, REST and mobile communications, the Forum Sentry API Gateway enables enterprises to manage complex API access in an efficient, agile, highly secure manner. Processing more than 10 billion transactions per day worldwide, and architected on “security-first” design principles, Forum Sentry delivers unparalleled protection against HTML-, XML-, SOAP- and REST-based vulnerabilities. Forum Sentry is the industry’s only FIPS 140-2 and NIAP NDPP-certified API Gateway for enabling secure connectivity between users, applications and the cloud. For more information, please visit www.forumsys.com.
All product and company names herein may be trademarks of their respective owners.