An Ecosystem is a dedicated security infrastructure for each application, use-case, project, department or third-party. Ecosystems isolate and secure Ecosystem members that are users, devices, systems and applications that need to interoperate. Anything else won’t even know that the Ecosystem exists -- even if they are on the same network.
Rather than implementing one-off security products everywhere, simply connect the assets you want to protect to one or more Ecosystems. All the security functionalities are immediately available.
In order for any asset to become a member of the Ecosystem, Acreto implements a Identify, Connect, Isolate and Protect process.
Identity- User or Device identity is validated. MFA and PAM are enabled.
Once Identified, the asset is connected to one or more authorized Ecosystems as a member.
Each Ecosystem member is isolated from other Ecosystem members and non-members alike.
Full inline controls, including access, application and content controls as well as robust threat and intrusion prevention.
Any Technology, On Any Network, Anywhere.
Computer (Org Owned or BYOD)
Mobile Phone / Tablet (Org Owned or BYOD)
Headquarters
Branch
Small Office / Home Offices
Offices
Devices
Remote Users
ATMs / ITMs
Fire Safety
Elevator Controls
Many more…
Smart TV
HVAC
Many more…
Imaging System / PACS
Patient Systems
X-Ray
MRI
PACS Storage
Cat Scan
Radiology Station
Cat Scan
Patient Monitor
Infusion Pumps
Patient Systems
MRI
Radiology Station
Ventilators
Defibrulators
Patient Monitor
Ventilators
Infusion Pumps
Defibrulators
PACS Storage
Diagnostic / Test Equipment
Networks
Virtual Machines
Servers
Containers
Cloud Instances
Cloud VPCs / Cloud Networks
SaaS
Third-Party Applications
Acreto offers a variety of ways to connect your Access or Application Delivery technologies. Depending on the customer use-case and requirements, one, some or all of these methods may be utilized to facilitate end-to-end security.
TLS VPN
IPSec VPN
Wireguard VPN
OpenWRT
Acreto Direct Connect (HyperScale, 1Gbps - 100Gbps)
Acreto Client Connect
Acreto vGateway (vGW)
Reflection Connection
Acreto Client-Less Connect
Acreto supports all possible data-flow models to address all use-cases for end-to-end interconnection and security.
Ecosystems deliver a dedicated security infrastructure that can be deployed per application, use-case, project, department or third-party. An Ecosystem inherently limits access only to users, devices, systems and applications that need to interoperate together.
Ecosystems support any technology, on any network, anywhere in the world. These include computers, mobile devices, OT / ICS, Offices, Clouds, SaaS and Data Centers.
Ecosystems can be configured as:
Open → With inbound or outbound access from or to the Internet or a third-party
Closed → Fully contained with access limited to Ecosystem members
Hybrid → Where some systems have inbound or outbound Internet access while others operate fully contained.
Eliminates any and all access from the Internet while Ecosystem members can interoperate with authorized systems and applications.
Ecosystems can easily isolate individual or groups of systems on a shared network or entire networks, to limit access only to systems that need to interoperate together. This is done with
Micro-Segmentation
Segmenting groups of systems on any shared network, including hostile networks or the entire network.
Nano-Segmentation / NAC
Isolating an individual system, device or application to limit access only to other authorized Ecosystem members.
Isolated data flows can be defined between two Ecosystem members to limit access to specified sources and destinations, network protocols and ports, application protocols as well as application programs.
Secure Scan addresses a key weakness in many security tools today. 90%+ of all communications is encrypted, yet only 10% of organizations have the means to secure these communications. Encrypted Secure Scan decrypts, scans, and re-encrypts communications inline and in real-time.
Any malicious content embedded in the encrypted payload is blocked, otherwise the clean and validated communication is delivered to its final destination.
Support for IPv4 and IPv6
Bob Gourley
Former CTO, Defense Intelligence Agency (DIA)
Robert Flores
Former CTO, Central Intelligence Agency (CIA)
Eric Ashdown
Cyber Security Expert and Former CISO, Microsoft
Kelly Robertson
Virtual CISO, M-Theory Group
Joe Silva
CISO, JLL
Jean-Francois Gueguen
CEO, The French American Academy
Robert Thomas
Former CEO, Netscreen & Infoblox
Paul Blackstone
COO, 121 Financial
Paul Blackstone
COO, 121 Financial
Joe Silva
CISO, JLL
Robert Flores
Former CTO, Central Intelligence Agency (CIA)
Jean-Francois Gueguen
CEO, The French American Academy
Bob Gourley
Former CTO, Defense Intelligence Agency (DIA)
Robert Thomas
Former CEO, Netscreen & Infoblox
Kelly Robertson
Virtual CISO, M-Theory Group
Eric Ashdown
Cyber Security Expert and Former CISO, Microsoft