ASG-EpiForce Security System
for securing highly connected networks
Highly connected networks and mobile devices have the potential to introduce risks in your organization’s network infrastructure. ASG-EpiForce addresses four basic types of network systems security:
- Server and domain isolation or network segmentation
- Data confidentiality or encryption
- Data integrity
- User access control
Data Confidentiality
ASG-EpiForce can ensure data is accessible only to those authorized to have access by encrypting network traffic on the ports that carry it, such as those used by FTP. EpiForce uses the industry-standard IPsec protocol to authenticate Agents, negotiate communication parameters, and send and receive user data end to end.
Data Integrity
Using the EpiForce data integrity feature, the system can verify that what was sent is what was received.
User Access Control
EpiForce security can be configured for the entire system or for a specific user of the system. For example, User 1 logs in at a computer and can access the servers in Zone 2 because he is a member of Zone 2. User 2 logs on to the same computer and can access servers in Zones 2 and 3, but cannot access servers in Zone 1, because she is a member of Zones 2 and 3 but not Zone 1.
Server Isolation and Network Segmentation
Limiting access to one or more servers can increase overall network security.
EpiForce can isolate servers in multiple ways:
- Include systems with EpiForce Agents in an EpiForce Security Zone and configure mandatory protected access, e.g., encryption, for communication on specific ports between one or more systems. Systems without EpiForce Agents cannot communicate with systems in the EpiForce Security Zone since they cannot establish a protected connection.
- Include all systems with EpiForce Agents in one EpiForce Zone and configure deny access for communications on specific ports for all systems. Create a second, higher-priority EpiForce Zone with a subset of the systems with EpiForce Agents that allows clear or encrypted communication on the same ports. Systems that are only in the first Zone will not be able to communicate with systems in the second Zone. However, systems that are in the second, higher-priority Zone will be able to communicate with each other.
- Enable isolation mode to isolate individual systems and create an EpiForce Zone to allow communications on specific ports between specific systems with Agents.
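
The outcomes described in the first two options can be checked with a small model. This is an added example, not ASG code and not a reproduction of EpiForce's policy engine: the `Zone` fields, the `decide` function, the host names, and the "larger number means higher priority" convention are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Zone:
    name: str
    priority: int        # assumed convention: larger number wins
    members: frozenset   # hosts with an Agent that belong to this zone
    action: str          # "deny", "clear" or "encrypt"
    ports: frozenset

def decide(zones, src, dst, port):
    """Resolve the action for src<->dst on port in this simplified model."""
    covering = [z for z in zones if port in z.ports]
    # The highest-priority zone that contains BOTH endpoints decides.
    for z in sorted(covering, key=lambda z: z.priority, reverse=True):
        if src in z.members and dst in z.members:
            return z.action
    # One endpoint is governed on this port but the peer shares no zone
    # with it, so no protected connection can be established.
    if any(src in z.members or dst in z.members for z in covering):
        return "deny"
    return "unmanaged"   # no zone says anything about this pair and port

# Option 1 (constructed hosts): mandatory encryption on FTP control, port 21.
OPTION_1 = [Zone("secure", 1, frozenset({"app1", "db1"}), "encrypt",
                 frozenset({21}))]

# Option 2 (constructed hosts): broad deny zone plus a higher-priority
# subset zone that allows encrypted traffic on the same port.
OPTION_2 = [
    Zone("all-agents", 1, frozenset({"ws1", "srv1", "srv2"}), "deny",
         frozenset({21})),
    Zone("servers", 2, frozenset({"srv1", "srv2"}), "encrypt",
         frozenset({21})),
]

if __name__ == "__main__":
    for label, zones, pair in [
        ("agent to agent in zone", OPTION_1, ("app1", "db1")),
        ("no agent to zone member", OPTION_1, ("laptop", "db1")),
        ("first zone only to second zone", OPTION_2, ("ws1", "srv1")),
        ("both in second zone", OPTION_2, ("srv1", "srv2")),
    ]:
        print(f"{label}: {decide(zones, *pair, 21)}")
```

Reviewing a planned zone layout this way makes it easy to spot a host that was meant to be isolated but shares a higher-priority allow zone with a server.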