Rocksteady Orthanc

Individual Server Security for Authorized Users

Rocksteady Orthanc combines the technologies of

• Firewall
• VPN
• VLAN

to provide individual server security for authorized users.

Web, FTP, and VPN servers that are configured incorrectly or have bugs or weaknesses in their server software can lead to the compromise of a server by hackers or malicious software worms and viruses.

An emerging network security approach is to secure individual network services with SSL or HTTPS technology, employing security certificates from well-known Certificate Authorities. This approach has merit because it recognizes the need to secure individual servers and, indirectly, authorize individual users for access to those servers.

However, enabling individual servers with security can be costly or may be unavailable for particular types of servers. Certificate management, coupled with individual user access, becomes a difficult security management problem,, with the cross-product of service and user authorization.

Rocksteady Orthanc provides a simple, manageable approach to providing individual user security and authorization to network servers. With Rocksteady Orthanc, any network service (intranet, database, email, vertical application) can be securely accessed without complex server or application configuration and individual users can be authorized secure access to those servers without complex credential management.

Orthanc Security

Installed application services are known to be the biggest threat to server security. By fundamentally changing the way servers are accessed, Orthanc can help alleviate security issues involved with server access. The model for Orthanc operation is very simple. If a server is protected by Orthanc, the server’s presence is hidden, making it completely invisible to all other computers. Orthanc protects both its own and the hidden servers’ operating systems from all probing. In this capacity, Orthanc provides a firewall.

When an authorized user is identified using the Orthanc client, Orthanc creates a secure communication channel between the server and that user’s client device. The rest of the network remains blocked from probing or connecting to the Orthanc-protected server. For maximum security, some services can be started when the user makes an initial request, and stopped after the user is finished using them – further enhancing security. In this capacity, Orthanc provides advanced virtual private networking.

Orthanc optionally restricts the individual services that a user can access. Users accessing the same or different servers protected by Orthanc are segmented from each other. In this capacity and when installed in a LAN environment, Orthanc provides virtual local area network (VLAN) capability.

Orthanc’s Keyring

Authenticating with Orthanc is a complex process, and would be a burden on the user without Rocksteady’s patent-pending zero-configuration technology. Rocksteady’s Zero-Config clients hide tedious configuration and authentication negotiations between client and server, while simultaneously creating session-based high security.

The Zero-Config Orthanc Keyring enables access to servers for which each individual user is authorized. Each user's Orthanc Keyring is unique, and is custom-generated for that user and contains all the information necessary to authenticate with Orthanc. Rocksteady’s Zero-Config Orthanc Keyring can be used to replace the headaches of managing individual server authentication and authorization and, simultaneously, dramatically increase the level of secured access to the servers protected by Orthanc.

Rocksteady Orthanc Keyrings simplify user authentication and authorization, both for end users and system administrators, by strictly limiting all access and visibility to the server, using heavy encryption for authentication, segmenting server access and controlling service activation,