ZoneGuard

As your true asset is information, ZoneGuard is designed to focus on information security rather that network security. Securely transferring correct and validated information using a whitelisting approach automatically solves network security in the cross domain exchange.

ZoneGuard only forwards received information when it complies with your organisation's information policy. The information policy implemented in ZoneGuard defines accepted structure, format, types, values and even digital signatures and how information has to comply.

Control your domain border

ZoneGuard is designed around separation of duties and a policy enforcement function. A digital signature is needed to change the information policy inside ZoneGuard. The keys for signing the information policy can be owned by an IT security department or another appointed policy approver. Changes cannot be done without these keys. The policy approver thus effectively takes superior control over information validation, ruling out the operational IT team and the users.

ZoneGuard also provides log control and audit trails. It can be configured to log any information entering its validation core, which is vital when you need evidence of compliance to policies and regulations.

Models

File Transfer Guard

In ICS/SCADA systems it is necessary to send reports and allow incoming firmware updates while preserving the system integrity. Defence organisations need to keep classified information within the security domain but still have to be able to release information to another system or security domain. File Transfer Guard handles both use cases, protecting integrity and confidentiality by whitelisting information exchange and providing explicit control over files sent from or to a system.

Email Guard

A versatile and powerful tool providing policy-based e-mail exchange between network boundaries. Only “permitted by you” validation allows messages including attachments to be sent through an information centric content inspection, where the inherent whitelisting works to allow permitted information to be transferred and denies all other information.

Integration Guard

Market and efficiency requirements mean ICS systems, business networks, legacy systems get more and more connected to each other, the Internet or other environments with little knowledge of current vulnerabilities. Integration Guard protects integrations and fulfils the organisational information policy 24/7, making digitalisation possible without reducing security.

ZoneGuard Platform

Enables use of several different kinds of services in a single security domain crossing. The ZoneGuard Platform includes a free of charge license for Advenica Generic Proxy Services. A Software Development Kit (SDK) supports custom-made applications and communication protocols. This means organisations benefit from comprehensive security yet can take control of the applications and use their own preferred development team or implement other communication protocols.

Security level

Resources