Web Access Management

To ensure consistent end-to-end protection of web applications, the various security measures have to be perfectly aligned with each other. This is exactly what NEVIS does. Its sophisticated architecture is designed to support rapid and simple high-security integration of applications with diverse security requirements.

Many companies have historically grown web infrastructures that were implemented and operated as silo solutions. Typically, every application has its own user management and security architecture. This results in a number of challenges, for example when the company needs to...

  • ... rapidly integrate a new application.
  • ... integrate various applications into a single sign-on (SSO) solution.
  • ... make applications available for users with identities that are managed externally (e.g. social login or identities managed by business partners).
  • ... introduce strong authentication.
  • ... quickly react to new security threats.

 

Zoom

With a NEVIS-based security infrastructure, web applications no longer have to implement authentication. This has the following advantages:

  • Applications do not need to offer authentication functionality. Application developers can focus on their core tasks.
  • The NEVIS infrastructure ensures single sign-on integration.
  • Externally managed identities can be easily integrated via Identity Federation (SAML, WS-Federation, OpenID Connect).
  • The NEVIS authentication service supports various strong authentication mechanisms "out of the box".
  • NEVIS facilitates adaptive security, i.e., authentication in line with data and content sensitivity, from social login to a strong two-factor authentication.
  • Existing directories can easily be integrated and used by various applications.
  • An integrated web application firewall offers optimum protection of all integrated applications. When new security vulnerabilities are discovered, operators can respond quickly by setting and activating appropriate filtering mechanisms on the firewall.