fbpx
SECWARE2020-10-12T06:51:31+00:00

SECWARE

Universal Middleware

This middleware software that has several industry specific business use cases. In Telecom industry it enables them to have granular controls and security policy for each broadband user or group of mobile subscribers based on user credentials like user ID and User IP.

Use Case

  • National Law enforcement agencies can set central security policies and access rights to block certain applications and anti-social or anti-national use of Internet.
  • This central policy is subscribed by the ISPs and mobile operators and enforced on its subscribers based on the user-id and IP address.
  • This granular control helps in blocking nefarious application and use cases and allow essential services rather than blanket internet blackout.

Solution components

Adapters

Modular adapters that are use case defined enable various types of integration with user identity databases. The microservices architecture of SecWare allows it to utilize any of the adapters without effecting the core engine of the solution. The following types of adapters are used to map the user identity to the IP address and deploy the security profile.

LDAP Adapter

Radius Adapter

Diameter Adapter

Syslog Adapter

REST API Adapter

Packet Adapter for GTP

Policy enabler

Policy enabler is the component that collects data from various sources and analyse the User-IP mapping to define the security policies. It uses the centralised orchestration layer of the gateway security devices and deploy the policies through them.

API engine

This component providers both the operator and subscriber with the access policy defined user interface through which the security profiles can be subscribed or deployed. The reporting module provides information regarding all the current and previous security profiles enforced and User-ID-IP mapping details.

DB Engine

This uses API to integrate with webservers, log server, RADIUS/PCAP servers etc to provide the database and storage for all information like User-ID-IP mapping etc. It can be hosted in HA to avoid single point of failure as the DB engine acts as the repository for all the information used in SecWare.

Reporting Module

This module provides various reports like application report, top talkers report, policy report, firewall statistics etc. It also provides IPDR that contains the User to IP mapping along with timestamp

Request a Sales Call