Laser*Proxy is an authorization access proxy server that enables companies to connect with the user's infrastructure via the Zero Trust Network Access (ZTNA) principle. This principle implies that direct connection to the infrastructure is not possible without prior authentication of all persons individually, with the mandatory indication of the reason for connection.

Laser*Proxy provides answers to questions that everyone wants to know:

• Who is connecting
• When is he connecting
• Where it connects
• Why is he connecting

It is implemented in such a way that users first connect to the Laser*Proxy server, then authenticate by entering the reason for connection, after which they are allowed access to servers on the user's infrastructure with restrictions defined in the Laser*Proxy administration. Access restrictions can be by server or service, and by connection time. Restrictions are defined by the user, in accordance with their security policies.

The solution is different from traditional VPN solutions in the sense that it enables the connection of several employees of the partner company simultaneously to the user's servers without additional installation of applications on computers.

Laser*Proxy is multilanguage ready, translated to slovenian.

All connections are logged with the possibility of integration with the user's SIEM systems.

A prerequisite for successful implementation is that between the user's company and the companies using the Laser*Proxy module there is an established and functional LAN to LAN IPSEC VPN tunnel that connects the networks 24/7/365 in such a way that the employees of the company using the Laser*Proxy have direct access only to Laser*Proxy server. The user on his firewalls prohibits direct access to other servers within his infrastructure, that is, he allows access from the Laser*Proxy server to other servers of that infrastructure. In this way, control and records of all accesses to the user's infrastructure are realized.

 

Laser*Proxy features:

• authentication of each employee with a unique username and password with no limit on the number of users
• adding employees to groups with no limit on the number of groups
• group prioritization in such a way that access rules to servers of groups with higher priority override access rules with lower priority
• definition of accessed servers and services on those servers according to the type of communication protocol (HTTP, HTTPS, SQLNET; SSH, etc.) without limitation by number of servers or protocol
• user authorization - assignment of server access rights to users, groups and/or by time permits, one-time or recurring (e.g. days and hours of the week)
• the possibility of simply canceling complete access with a mouse click within the administrative module
• options such as turning off time permits, event logging level, duration of unused sessions are parameterized
• logging of all authorization attempts on the Laser*Proxy server, successful and unsuccessful
• logging of all connections to the client's infrastructure servers, successful and unsuccessful
• logging of administrative events and communication between modules of the Laser*Proxy solution
• overview of currently registered users with details about the servers and services they access
• after authentication, the user receives a reviewed list of all servers and services that he may access at that moment
• possibility of integration with SIEM systems
• agent free - without installing applications on computers that connect to Laser*Proxy
• multilanguage
• responsive GUI web interface for administration

Laser*Proxy is a unique solution of its kind on the market because:

1. allows connecting via any protocol (HTTPS, SSH, RDP, SQL ...)
2. with each connection, it is mandatory to enter the reason for connection
3. no installation of agents on computers or servers is required