SphereShield
for Skype for Business OnPremise, Online and Microsoft Teams
What is it exactly?
SphereShield is a security platform designed to enable organisations to manage access control, compliance and threat protection issues. The SphereShield platform is based on a proprietary reverse proxy with extensible multi-protocol filtering capabilities and an administrator site for product management, reporting and configuration.
SphereShield can be implemented on-premises or at cloud as a CASB. (Cloud Security Access Broker)
The platform forms the basis of AGAT's solutions for Skype for Business and ADFS and can be used to meet the security requirements of other products.
The services offered by the SphereShield platform
Identity and access control
Multi-factor authentication
With additional factors for login other than credentials, the login process becomes more secure, without hindering users' daily work. SphereShield enables authentication based on device or mobile client enrollment applications. In addition, the solution includes a self-service portal for device management.
Checking the device MDM
Integration with the main suppliers of MDMThe integration enables restrictions to be set for the level of device security based on access and blocking when a device becomes non-compliant. The integration allows you to set restrictions on the level of device security based on access and block it when a device becomes non-compliant. Current vendors supported by SphereShield: MobileIron, IBM MaaS360, VMWare AirWatch, BlackBerry, Citrix XenMobile.
Account lock protection -
Account lock-in via DoS / DDoS attacks is a significant threat to any service that relies on secure authentication, such as Skype for Business or any cloud service based on ADFS. By sending multiple failed login attempts under a single username, an attacker can easily lock down an account. SphereShield offers a unique solution to block such attacks, which will still allow authorized users to continue accessing cloud services even while the attack is in progress.
Compliance
Data loss prevention
Inspect content sent via various protocols such as HTTPS, SIP and ActiveSync and ensure that no sensitive information is transmitted. The DLP SphereShield engine can be used on its own or integrated with leading vendors including Symantec, McAfee and ForcePoint.
Data governance and e-discovery
Data governance is the ability to control your data: access it when you need it and get rid of it when you don't. SphereShield provides tools to quickly access and manage your data. The module allows for advanced data search and easy removal of obsolete information.
Ethical wall
SphereShield allows organisations to implement communication control policies based on different parameters such as user or groups, ensuring tight control of communication and compliance with regulatory requirements. The control capabilities cover the establishment of the communication as well as the operations that should be allowed in the communication.
Threat detection and prevention
Detection of user and network behaviour
SphereShield allows administrators to define user and network behaviour to detect anomalies such as an unavailable traveller or unusual traffic volumes.
Anti-Malware and Anti-Virus
SphereShield inspects traffic for malware or viruses in the DMZ before it reaches the network or enters cloud. This module is integrated with leading vendors such as Kaspersky.
Safety audits and events
Record safety-related activities and trigger events for SEIM and SCOM systems.
Free download of brochures
Which solution UC do you currently use?
Study for the exit of a tenant Microsoft 365 with 30'000 users
Initial situation Our client mandated us to analyse the technical impacts and to clarify the benefits and disadvantages of creating and using a Microsoft 365 tenant specific to its entity instead of using a 365 tenant common to several entities of the business group to which it belongs. Goal Our client was looking for a solution to the problem of [...]