SingleKey™ is an identity management and application security appliance which enforces enterprise-wide authentication, authorization and access from a single point of control, and provides distributed proxying and firewalling for specific segments of your network.

Organizations today face two key challenges:

1. The need to provide application access to a large, fluid, distributed and mobile set of users; and

2. The need to protect internal data resources to the same degree that Internet-facing servers are today. These challenges are often viewed as distinct from each other, and are not usually addressed by the same people within enterprise IT.

As a result, point solutions, difficult integrations, and imperfect results are all too common.

Bayshore Network's engineering staff have taken the view that these two problems are not in fact distinct but must be solved together. This is because much of the technology and management that must be brought to bear is shared across these two problem domains. Solving the application-access and the internal-security problems together will result in tremendous cost savings and efficiency. The SingleKey platform aggregates all of the security and management technologies needed to provide global access to applications, and distributes the package to all servers to be protected. In this way, application access can be enforced at the point where the servers are deployed. This is much more scalable and manageable than trying to enforce access-policy at remote points in the network. At the same time, SIngleKey protects individual data accesses by controlling the endpoints (the user and the server) rather than the intervening network link. It isolates critical application servers by forcing all accesses to applications to go through the SingleKey protection layer. This greatly reduces risk from threats originating on your organization's internal network.

SingleKey can be used to implement global single sign-on solutions. SingleKey provides distributed security. It is intended for pervasive deployment in multiple units, throughout an enterprise network. SingleKey is not a perimeter security device, and does not replace traditional perimeter defenses such as firewalls and DMZs. SingleKey takes the pressure off your perimeter by protecting isolated network segments. A SingleKey appliance is deployed near the application server or servers that it protects. All accesses to the protected server must go through SingleKey, which provides a complete range of security and management services before permitting access to the server. Therefore, SingleKey requires no changes to clients or servers or firewalls, unlike many other solutions.

SingleKey achieves high scalability and management flexibility by automatically integrating with enterprise LDAP directories. Organizations that deploy multiple appliances to protect their applications can therefore combine a defined security policy globally with distributed enforcement. This novel approach maximizes security and manageability while minimizing costs and deployment challenges. SingleKey is as a rack-mountable appliance with a suite of software components pre-installed and configured. Its internal software applications are fully integrated, resulting in a package which is fully configurable with just a simple Web-based interface. All you have to do is mount the device, turn it on and perform any customized configuration necessary to connect it to your enterprise resources. SingleKey is simple and cost-effective enough for installation by departmental IT managers without requiring advanced security skills. SingleKey treats all users as untrusted, regardless of whether they're coming from inside or outside your network.