We use cookies to improve our site and your experience. By using this website, you accept our privacy terms.

CDN

Benefits

More Secure Office Network

Revolutionizing the traditional concept of attack defense, provides network concealment, greatly reducing threat of attack, and placing 0 trust for any users and devices by default, to protect against security risks with fine-grained and dynamic access control depth.

Full Link Acceleration for Office Access

Unified access portal, single point login, preventing repeated logging in and switching accounts, and improve access speed based on link optimization, transmission optimization and other technologies.

Streamlined IT Management

Configuration can be completed in minutes to avoid cumbersome operations, dashboard of situational awareness with comprehensive management and control of business security.

Features

  • Secure Access

    Through layers of authorization and defense mechanisms, only granting personnel with the bare minimum permission for operations while providing fine-grained access control

    • Multi-dimensional security access identity authentication, including multi-factor verification, time/geo-fencing, etc.
    • Application-level access based on the principle of minimum authorization to refine the control of user permissions.
    • Platform-level anti-DDoS, WAF protection, security audit capability.
    • Multiple data disclosure prevention technology, business data are well secured and device terminal behaviors are controlled.

  • Dynamic Level of Trust

    Continuous trust evaluation of users' access behavior, dynamic control and adjustment of user access permission

  • Network Concealment

    Enterprise applications are only visible to legitimate users, preventing external malicious scanning and network attacks

  • Improved Performance

    A number of transmission optimization technologies, the integration of high-quality network and efficient transmission acceleration to improve the success rate of access

    • Multiple transmission optimization: static business data are cached and distributed through nearby nodes, dynamic business data are accelerated for return-to-source interaction through intelligent routing, protocol optimization and other WAN optimization technologies to fully meet the performance optimization needs of various types of services.
    • High availability: a large number of high-quality nodes at home and abroad, multi-source load balancing, instant switchover and other technologies to ensure the efficient and stable operation of various business systems.

  • Unified Management

    Exclusive unified enterprise work platform, unified internal and external network access, access portal, remote management

    • Unified access to internal and external networks: users are not required to switch between accounts, seamlessly accessing applications in multiple environments, and fundamentally eliminate the experience gap between internal and external networks.
    • Unified work environment: user personalized home portal, integrated SSO single point login function, ready to use applications after a single authentication.
    • Unified remote management: through the security management and control platform to uniformly setup compatibility, uniformly configure personalized portals, and unified configuration distribution.

  • Situational Awareness

    The multi-dimensional application enable devices to accesses the dashboard, with intuitive and highly visible user experience, locating anomalies in real time

    • Detection of employee access, real-time insight of the number of online users, access blocking count, etc.
    • Application operation status awareness, intuitive understanding of enterprise business application access.
    • Internal risk awareness, accurate identification of threat events, assist operators to quickly deal with devices at risk.
    • System anomaly detection to rapidly identify the abnormal state of business applications and ESA product components with instant alerts.

Architecture

Architecture

Scenarios

  • Branch Organization Remote Access
  • Mobile Office/Telecommuting
  • Enterprise Intranet Security Consolidation
  • Up/down Stream Supplier Remove Access

Enterprises with multiple stores and outlets often have more than a dozen internal business systems and lack a unified portal to integrate various business, multiple systems face issues of authentication and compatibility, resulting in poor user experience and low efficiency of operation and maintenance:

  • ESA provides customized enterprise exclusive office platform, integrated single point login, ready to use, fast and stable experiences.
  • Fine-grained security control policy, which only allows application-level access and does not expose enterprise business resources.
  • Through the situational awareness dashboard, users can analyze the access data from multiple dimensions, study the access status of the business system in real time, and rapidly identify security threats.

Traveling employees may remotely access the enterprise’s intranet system through smartphones, tablets and other devices. Traditional VPNs are unstable, facing frequent disconnections, difficult to control user behavior, and easily penetrated, resulting in internal network intrusions and attack risks to the enterprise:

  • ESA implements the principle of minimum permission, which restricts the access and operation permission of personnel to important systems.
  • Through user behavior audit and operation control, providing multi-dimensional and multi-level protection of enterprise sensitive data assets from leakage.
  • Supports a large number of users access while ensuring security, speed, and smooth user experience.

In response to the challenge of attack and defense exercises, enterprises need to prevent exposed ports and IP addresses from being attacked by scanning. At the same time, the security protection 2.0 standard clearly stipulates that if an enterprise’s telecommuting system fails to pass the evaluation, it will receive a warning from the relevant departments and required to rectify the issues in question:

  • ESA provides a secure gateway to “conceal” the business system, making it impossible for external scanning tools and attack sources to detect server addresses and ports.
  • Unified security control at the application level, improve device security, and reduce the risk of disclosure and the cost of operation and maintenance.
  • Meet the security requirements of security protection level 2.0, intrusion prevention, network architecture and other security requirements, and comprehensively enhance the compliance capability of enterprises.

In order to facilitate remote access to relevant businesses by upstream and downstream partners, enterprises often expose the supplier portal system on the public network to external threats, such as credential stuffing attacks and data disclosure:

  • ESA provides a secure gateway to “conceal" enterprise applications from the network, hence hackers will be unable to attack enterprise resources.
  • Multi-factor authentication methods such as device binding, SMS verification and scan verification are supported to make authentication more secure.
  • The situational awareness dashboard shows the overall state and security threats, comprehensively tracks user behavior, and accurately identifies suspicious behavior.