Multisite Connection Solution with Access Control
InstaSafe Cloud Access (ICA) – The Ultimate Multisite Connection SolutionInstaSafe® Cloud Access (ICA) provides a point-and-click solution for site to site connectivity between multiple locations. ICA not only ensures that the connectivity is established, but it also secures the data in transit using AES encryption. Further, it also secures network resources at each locations.ICA uses a virtual gateway, that easily connects the locations via its global backbone and comes with features like granular access control, device binding, AES encrypted tunnel, etc. You can then eliminate SD-WAN branch appliances and MPLS links and dramatically simplify deployment and management.
How Does InstaSafe Cloud Access Work?
- ICA Controller (IC): The ICA Controller determines which ICA Hosts can communicate with each other. The Controller may relay information to external authentication services such as attestation, geo-location, and/or identity servers. The Controllers are connected to the appropriate optional authentication and authorization services (e.g., PKI Issuing Certificate Authority service, device attestation, geolocation, SAML, OpenID, OAuth, LDAP, Kerberos, multifactor authentication, and other such services)
- Initiating Hosts (IH): Initiating ICA Hosts (IH), communicate with the ICA Controller to request a list of Accepting Hosts (AH) to which they can connect. The Controller may request information such as hardware or software inventory from the IH before providing any information.
- Accepting Hosts (AH): By default, an AH rejects all communication from any of the hosts except the ISA Controller. The AH accepts connections from an IH only after being instructed to do so by the Controller.
- The ICA Controller also instructs the AHs to accept any optional policies required for encrypted communications.
The IH initiates a Single Packet Authentication to each authorized AH. It then creates a mutual TLS connection to those AHs.