Solutions by Industry
Network Security Customers in Every Industry

Education:

You have attracted the brightest young minds in the country, now you just need to provide them with the application access they need to be productive whilst ensuring your institute is protected against the security and financial risks associated with data leakage and illegal file content sharing.

Sensitive data such as student records, grades and coursework need to be secured from unauthorized access whilst allowing access to users with a valid requirement.

Moving education onto the Internet offers students exciting new educational and creative opportunities. Networked education also promises benefits to teachers and school administrator such as flexible delivery of educational materials and programs as well as cost savings. Yet, the Internet also puts students—whether at public school districts, community colleges, or major universities—at risk for illegal sharing of copyrighted information and for access to inappropriate materials. Without careful management, students and staff can also waste valuable network resources and endanger network operations with pursuits that don’t relate to institutional goals.

Celestix provides education establishments the ability to securely publish only the network resources that are required by users in order to meet the demands of their role. For instance, collaboration sites and coursework portals can be made available to students but access to student records, course grades and staff records can be restricted. Access can be controlled through the enforcement of user policies, ensuring that users without the rights to view certain network resources never get to see them.

IT security issues in education

• Preventing unauthorized exposure of academic records, exam data, and personnel files
• Guarding against harm and legal liability from access to inappropriate content
• Restricting access to corporate network zones
• Preventing viruses, worms, and spyware from untrusted devices infecting assets
• Ensuring staff and student productivity
• Enabling online community collaboration without compromising security

Celestix solutions

Celestix Edge E Series Appliance is designed to provide unified remote access for on-premises traditional connectivity for enterprise devices as well as BYOD application support.

• Enables always-on network connectivity for domain joined device users and improves the management of remote devices regardless of their location through DirectAccess
• Provides access to legacy and non-Windows devices through traditional RRAS based VPN
• Enables cross-premises network connectivity to hosted public cloud IaaS providers
• Delivers secure federated access to applications in the private and public cloud
• Delivers enhanced user experience without introducing complexity
• Demonstrates tangible cost savings without compromising security
• Complies with UK’s PSN guidelines for mobile working

Celestix MSA – firewall/proxy appliances that shield private-network records and data from unauthorized exposure MSA with Microsoft ForeFront Web Protection Suite – web filtering as an option on MSA appliances, stops student and staff access to inappropriate content

Microsoft ForeFront anti virus software is an option on MSA appliances that protects against spyware, viruses, worms, and other content-base threats

Celestix WSA appliance range runs Unified Access Gateway 2010 (UAG) to provide secure portal based application access to users based on profile and the level of trust of the endpoint device.

• Provide access only to the applications relevant for the users role/profile
• Restrict access to applications that are not applicable to the users profile
• Provide granular application access policies that can protect data within applications
• Present customised user experience
• Integrate with HOTPin tokenless two factor authentication

Commercial Sector:

With the consistent growth in security breaches, the rise of hacktivist groups and the increasingly complex nature of attacks, it can be difficult to ensure your organization is safe from harm. Add to this the need to comply with data handling and security regulations and the job is made even harder and more costly.

The commercial sector is made up of a diverse range of businesses, from manufacturing to professional services, so providing a “one size fits all” approach for security is very difficult. However, all commercial businesses are in business to grow, beat their competition and present strong returns to their stakeholders.

Ensuring a competitive advantage is hard enough in today’s aggressive market but it can be made even harder if you have been the victim of a security breach. Loss of confidential data is not the only risk, loss of consumer confidence, the cost of clearing up a breach and the potential cost of fines levied by regulatory bodies can all increase the cost and strain of an attack.

The commercial sector is competitive and hard enough to work in already so why risk the impact of a security breach?

IT Security Issues in the commercial sector

• Enabling secure consumer access to online services
• Ensuring trust between third parties that wish to access confidential data
• Data loss through malicious intent or negligence
• Providing policy based access and control
• Meeting compliance standards for data handling
• Providing comprehensive reports to support compliance claims

Celestix solutions

Celestix Edge E Series Appliance is designed to provide unified remote access for on-premises traditional connectivity for enterprise devices as well as BYOD application support.

• Enables always-on network connectivity for domain joined device users and improves the management of remote devices regardless of their location through DirectAccess
• Provides access to legacy and non-Windows devices through traditional RRAS based VPN
• Enables cross-premises network connectivity to hosted public cloud IaaS providers
• Delivers secure federated access to applications in the private and public cloud
• Delivers enhanced user experience without introducing complexity
• Demonstrates tangible cost savings without compromising security
• Complies with UK’s PSN guidelines for mobile working

Celestix MSA appliance range runs Threat Management Gateway 2010 (TMG) to provide multi-function application firewalling and proxy services

• Provide defence in depth firewalling for the most sensitive of network zones
• Deliver web content quickly and ensure availability
• Protect corporate IT users from internet borne threats

Celestix HOTPin is a powerful tokenless two factor authentication solution that is used to deliver a One Time Password (OTP) via a soft token installed on a smart device, USB key or PC, or via SMS in a fully clientless mode.

HOTPin can be provided as a managed service that can be re-branded, allowing financial organizations to offer their own branded authentication solution to customers at a very competitive price.

• Authenticate users to restricted and confidential files, applications and resources
• Prevent identity theft and subsequent data breaches
• Report on authentication attempts and provide evidence to support compliance
• Integrate with any RADIUS based access technology
• Enforce brand image with branded soft token and
• Increase customer trust and loyalty through easy to use highly secure authentication

Celestix WSA appliance range runs Unified Access Gateway 2010 (UAG) to provide secure portal based application access to users based on profile and the level of trust of the endpoint device. WSA appliances are trusted by financial services organizations because of the granularity they provide in terms of access policies based on endpoint trust and also on the level of application based control they provide.

• Provide access only to the applications relevant for the users role/profile
• Restrict access to applications that are not applicable to the users profile
• Provide granular application access policies that can protect data within applications
• Present customised user experience
• Collaborate with third parties while remaining in control of data and applications
• Integrate with HOTPin tokenless two factor authentication for a simple to manage, tightly integrated access and authentication solution

Managed Service Provider:

Celestix HOTPin MSP Edition is a flexible authentication service designed exclusively for Managed Service Providers.

HOTPin MSP Edition is easy for Managed Service Providers to install, administer and sell; greatly reducing the investment, complexity and operational costs associated with traditional authentication servers. HOTPin’s multi-tenant architecture allows all clients to be provisioned and managed from a single, simple web interface.

Celestix offers a flexible “pay as you go” billing option to MSPs, ensuring the lowest possible cost and the ability to charge only for actual usage of the service.

HOTPin MSP Edition can be completely white-labeled allowing the MSP to enhance their brand or provide their customers with their own branded solution.

HOTPin meets the need for a truly flexible solution with a wide range of token options combined with an intelligent price model and the broadest range of management tools to ensure ease of provisioning, reporting and billing.

HOTPin MSP Edition is available to partners that sign up to the Celestix Service Provider Licensing Agreement (SPLA) agreement.

Features of HOTPin MSP Edition

Truly multi-tenant architecture

• Protecting tenant privacy
• Providing customer specific reports and policies

Central management for MSPs

• Aggregated reporting
• Consolidated management of tenant instances

Infrastructure scalability

• Allowing scaling up and down as needs of MSP business change

End user self-provisioning and management

• Reducing helpdesk costs for MSP
• integrates with existing mass-provisioning systems

White label option

• Customizable OTP clients (soft tokens, SMS and hardware tokens)
• Customizable end user provisioning portal
• Customizable administration console

Multiple token form factors

• Soft token, Hardware token, SMS, Virtual Keyboard

Benefits to the MSP

Lack of a multi-tenant two-factor authentication solution  stymied MSPs from providing this service to their customers. HOTPin MSP Edition allows MSPs to finally address these issues.It provides the following benefits for MSPs.

Pay as you go pricing model

• No upfront capital expenditure
• Pay only for active users

Flexible billing cycles

• 30-day and 90-day options

Option to provide added services

• Recurring revenue
• No cost of customer acquisition

Differentiate against competition

• Enhance brand loyalty
• Increased portfolio of services

Secure your customers

• Protect customers against threats
• Assist in customer compliance

Healthcare:

Healthcare organizations operate in a highly regulated industry due to the sensitive nature of the records they maintain. Protected Health Information (PHI) must be handled in a controlled and secure manner, ensuring compliance against HIPAA regulations.

Clearly defined policies exist to ensure that administrative, physical and technical security measures are deployed to enforce the confidentiality and restricted access of protected health information. For example, healthcare organizations are required to identify the personnel who have access to EPHI files and restrict access only to those employees. In addition, access to confidential data must be authorized and so any person who has access to such data must authenticate to the system prior to access.

With the need for inter-agency collaboration it may be necessary to share confidential records with third parties. In all such cases it is essential that there is a trusted relationship between all parties and that records are shared only with the trusted organization and through a secure encrypted method of communication. With so many security considerations, the risk of failing to comply with regulations, and the implications of data loss or misuse, it is no surprise that IT systems in the healthcare market have become complex and disjointed.

But remaining in control of PHI content does not have to be taxing. Celestix offers healthcare providers a comprehensive and tightly integrated suite of network security and access solutions that deliver best-in-class protection for your network assets and diverse stakeholders.

Celestix range of solutions for healthcare includes the WSA appliance running Microsoft Unified Access Gateway 2010 (UAG). WSA is highly referencable in the healthcare sector and is used by both private and public health organizations globally to provide secure access to confidential data.

IT Security Issues in Healthcare

• Preventing unauthorized exposure of PHI records including patient records
• Data loss through malicious intent or negligence
• Enabling inter-agency collaboration
• Ensuring access is restricted to authorized users only
• Providing policy based access and control
• Meeting compliance standards for data handling
• Providing comprehensive reports to support compliance claims

Celestix solutions

Celestix Edge E Series Appliance is designed to provide unified remote access for on-premises traditional connectivity for enterprise devices as well as BYOD application support.

• Enables always-on network connectivity for domain joined device users and improves the management of remote devices regardless of their location through DirectAccess
• Provides access to legacy and non-Windows devices through traditional RRAS based VPN
• Enables cross-premises network connectivity to hosted public cloud IaaS providers
• Delivers secure federated access to applications in the private and public cloud
• Delivers enhanced user experience without introducing complexity
• Demonstrates tangible cost savings without compromising security
• Complies with UK’s PSN guidelines for mobile working

Celestix WSA appliance range runs Unified Access Gateway 2010 (UAG) to provide secure portal based application access to users based on profile and the level of trust of the endpoint device.

• Provide access only to the applications relevant for the users role/profile
• Restrict access to applications that are not applicable to the users profile
• Provide granular application access policies that can protect data within applications
• Present customised user experience
• Increase productivity, allowing users to access content while responding to an emergency
• Integrate with HOTPin tokenless two factor authentication for a simple to manage, tightly integrated access and authentication solution

Celestix HOTPin is a powerful tokenless two factor authentication solution that is used to deliver a One Time Password (OTP) via a soft token installed on a smart device, USB key or PC, or via SMS in a fully clientless mode.

• Authenticate users to restricted and confidential files, applications and resources
• Prevent identity theft and subsequent data breaches
• Report on authentication attempts and provide evidence to support compliance
• Integrate with any RADIUS based access technology
• Simplified integration agent for Microsoft UAG 2010

Small and Medium Businesses:

Small and medium sized businesses face exactly the same security threats and must comply with the same regulations as larger organizations. However the complexity and cost of security solutions can deter business owners from taking sufficient steps to secure their valuable resources. In a recent survey by Celestix, 47 percent of respondents cited complexity as the biggest obstacle to rolling out an authentication solution while 29 percent of respondents cited cost as their biggest issue. These statistics highlight the fact that until security technologies become more simplified they will continue to exclude the SMB market and leave it exposed to a multitude of threats. Small and medium enterprises operate across all sectors so the nature of their business is diverse. The nature of the SMB market is competitive as businesses look cultivate their niche and expand. The impact of a security breach can be catastrophic for any such organization.

IT Security issues for the SMB

• Being agile without creating gaps in security
• Protecting from loss of business and negative reputation
• Ensuring a competitive edge, differentiating in the market
• Preventing data loss through malicious intent or negligence
• Delivering comprehensive security on a sensible budget
• Providing secure services to business and consumer customers without the cost
• Meeting compliance standards for data handling
• Providing comprehensive reports to support compliance claims

Celestix solutions

Celestix HOTPin is a powerful tokenless two factor authentication solution that is used to deliver a One Time Password (OTP) via a soft token installed on a smart device, USB key or PC, or via SMS in a fully clientless mode. HOTPin is cost effective because no hardware token is required, making it an ideal solution for businesses of any size.

• Authenticate users to restricted and confidential files, applications and resources
• Prevent identity theft and subsequent data breaches
• Report on authentication attempts and provide evidence to support compliance
• Deploy rapidly with on-box RADIUS and simple set up process
• Increase customer loyalty through easy to use highly secure authentication

Government and Public Sector:

IT Issues faced by Government and Public Sector

• Embracing mobility while maintaining the security of the network
• Complying with regulations for data handling
• Delivering an improved, simple and consistent remote access experience for workers
• Providing inter-agency collaboration while safeguarding sensitive data from exposure
• Controlling access to restricted network zones
• Enabling online community collaboration without compromising security
• Leveraging the cloud for scalability, flexibility, and reducing cost with full regulatory compliance

Embracing mobility to support a changing work environment

Government and public sector organizations are under continued pressure to improve operational efficiency with a limited budget. Transformational government initiatives are driving an increase in mobile and remote working as the need to cut costs and re-purpose real estate results in a push to find new ways for staff to work.

The emergence of highly portable tablet devices has helped organizations to support this initiative but with greater mobility comes an increased risk of data loss and security breach. Increased security and access controls may increase cost and complexity and may conflict with initiatives to simplify the use of IT resources.

Enabling inter-agency communication without compromising sensitive data

The need for inter-agency communication has never been greater, whether at the central or regional level. Government and public sector data is by its nature highly sensitive and as such is prone to theft, loss, or misuse. Furthermore, the type of data held by these bodies is diverse, from central policy documents to the personal records of members of the community.

This complexity is compounded by the need for these organizations to share data with a broad range of people such as members of the public, employees, contractors and other third party agencies. Handling such diverse data records and managing so many digital identities can be a huge task.

Celestix Solutions for Government and Public Sector

Celestix delivers a comprehensive product suite that includes secure and trusted unified remote access, authentication, and web application proxy/reverse proxy solutions. These solutions enable government agencies and public sector organizations to address their changing IT needs while at the same time simplifying the user experience and reducing costs. With these solutions they can remain in control of their data, provide accurate reporting to regulatory bodies, and improve the mobile working experience for their employees.

Increasing staff productivity with mobility

Celestix unified remote access solutions eliminate the barriers to productivity by providing consistent and secure network connectivity for employees anytime and anywhere across a myriad of devices. Celestix E Series Appliance delivers Windows Server DirectAccess and IPsec VPN gateway to enable access to mixed environments. Celestix offers secure encrypted connectivity and also integrates with authentication through the use of machine based certificates, physical and virtual smart cards and RADIUS OTP. Access to data and resources is provided only from domain joined devices which are maintained in accordance with security policy.

• DirectAccess and IPsec VPN is CPA certified by CESG (UK government certification)
• DirectAccess complies with PSN guidelines for mobile working

Secure publishing and controlled access to data

Celestix reverse proxy solutions deliver the ability to securely publish only the network resources that are required by users in order to meet the demands of their role. Access can be controlled through the enforcement of strong user policies, ensuring that only users with the rights to view certain network resources get to see them.

Cloud connectivity

We are committed to accelerate cloud adoption among government agencies and public sector organizations to increase flexibility and scalability. Celestix supports cloud-first and G-Cloud cloud-computing initiatives in US and UK respectively by providing secure access between private and public clouds, or multiple cloud providers. Celestix cloud connectivity solutions help establish a secure connection between on-premises and cloud infrastructure.

Celestix Products

Celestix Edge E Series Appliance is designed to provide unified remote access for on-premises traditional connectivity for enterprise devices as well as BYOD application support.

• Enables always-on network connectivity for domain joined device users and improves the management of remote devices regardless of their location through DirectAccess
• Provides access to legacy and non-Windows devices through traditional RRAS based VPNs
• Enables cross-premises network connectivity to hosted public cloud IaaS providers
• Delivers secure federated access to applications in the private and public cloud
• Delivers enhanced user experience without introducing complexity
• Demonstrates tangible cost savings without compromising security
• Complies with UK’s PSN guidelines for mobile working

Celestix MSA firewall/proxy appliances shield private-network records and data from unauthorized exposure, provide web filtering and anti-virus as an option.

• Protect networked users from internet borne threats
• Provide multiple functions from a single platform

Celestix WSA appliance range runs Unified Access Gateway 2010 (UAG) to provide secure portal based application access to users based on profile and the level of trust of the endpoint device.

• Provide access only to the applications relevant for the users role/profile
• Restrict access to applications that are not applicable to the users profile
• Provide granular application access policies that can protect data within applications
• Present customized user experience
• Integrate with HOTPin tokenless two factor authentication

Celestix HOTPin delivers tokenless two factor authentication to ensure access is provided only to trusted collaborators.

• Event based onetime password generation
• Clientless or soft token options
• Customizable to allow for use as a service