The goal: To set up protective network components and access mechanisms that not only fulfill strict security and compliance specifications, but also are able to meet the integration and operating requirements under a high data load and for a large number of users, including 6000 internal staff and up to 20'000 customers and partners.
The process: nevisProxy, a component of the NEVIS Security Suite, was installed as a secure reverse proxy with its integrated web application firewall (WAF). nevisProxy serves as a primary central entry point for all web traffic to the online services, thus controlling user access and protecting the web applications from attacks of all kinds. The convenient access of customers, partners and staff to services has been maintained by integrating Helvetia's web applications in a company-wide single sign-on (SSO), provided by nevisAuth, another component of the NEVIS Security Suite, which supports a wide range of authentication measures and technologies. Accordingly, access to the web applications is managed centrally.
The result: A state-of-the-art security portal that withstands even the most sophisticated threats without sacrificing operability nor user convenience. The seamless interaction between nevisProxy and nevisAuth forms the foundation of a consolidated security infrastructure with support for Java- and Microsoft-based technologies and a total of four authentication mechanisms (SAML with different bindings, password/userID, Kerberos, and 2-factor authentication with mTAN). By uniting numerous platforms, technologies and applications, the central access management infrastructure enables a rapid SSO integration of new partners and customers.