Access Point is a layer 7 security appliance that is normally installed in a demilitarized zone (DMZ). Access Point is used to ensure that the only traffic entering the corporate data center is traffic on behalf of a strongly authenticated remote user.
Access Point directs authentication requests to the appropriate server and discards any unauthenticated request. Users can access only the resources that they are authorized to access.
Access Point virtual appliances also ensure that the traffic for an authenticated user can be directed only to desktop and application resources to which the user is actually entitled. This level of protection involves specific inspection of desktop protocols and coordination of potentially rapidly changing policies and network addresses to accurately control access.
Access Point appliances typically reside within a network demilitarized zone (DMZ) and act as a proxy host for connections inside your company's trusted network. This design provides an extra layer of security by shielding virtual desktops, application hosts, and servers from the public-facing Internet.
Access Point is a hardened security appliance designed specifically for the DMZ. The following hardening settings are implemented:
- Up-to-date Linux Kernel and software patches
- Multiple NIC support for Internet and intranet traffic
- Disabled SSH
- Disabled FTP, Telnet, Rlogin, and Rsh services
- Disabled unwanted services