How does Strata enable Secure Hybrid Access and achieve Zero Trust?
Strata’s Maverics Identity Orchestration extends access to on-premises apps to cloud-based users, providing a Zero Trust approach to reaching on-premises apps from the cloud. Maverics extends standards-based authentication from cloud identity systems to on-premises apps, providing sophisticated last-mile integration with no changes to the apps.
Challenges with Secure Hybrid Access
Many apps built before the cloud’s Zero Trust architecture were not designed to work across hostile networks.
- Legacy IAM software was not designed to work in cloud environments and must be replaced with cloud-native identity.
- Interoperability between new cloud identity systems and existing on-premises identity systems is required.
- Most existing network configurations are not granular enough to control access using identity context data.
- Granular access policies are needed to support Zero Trust’s identity-as-the-new-perimeter model.
- Moving apps to the cloud and upgrading identity systems means expensive and time-consuming rewrites and maintenance of custom code.
Easily deliver on-premises and cloud apps through your portal
Maverics enables delivery of on-premises apps through cloud portals from Azure AD or Okta. Easily extend SSO sessions from the cloud to on-premises apps and deliver them to your users through a convenient cloud portal.
Maverics can also be used to mix and match apps and IDPs for different users, based on what works best for your use case. Maverics doesn’t lock you into any single portal but instead delivers a wide variety of apps including Citrix-hosted, SaaS, and more. Maverics assembles the solution that is right for the app, the platform, and the users accessing it.
Effortless SAML/OIDC enablement. No rewrites required.
Maverics transforms SAML/OIDC sessions into HTTP headers with smart mapping capabilities, meaning no rewriting or touching existing apps. Maverics even supports sessions for many legacy web apps that must move to the cloud, without compromising security or usability.
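What a claim-to-header mapping step can look like at an identity-aware proxy, as an added example that is not Strata's code or part of the original page. The header names, the mapping table and the sample request are constructed assumptions; the step also drops client-supplied copies of the identity headers so the app only sees values derived from the authenticated session.

```python
# Generic illustration of mapping validated SAML/OIDC session claims to the
# HTTP headers a legacy app reads. Not Maverics code; all names are assumed.

HEADER_MAP = {  # hypothetical mapping: session claim -> header the app trusts
    "email": "X-Remote-User",
    "groups": "X-Remote-Groups",
    "name": "X-Remote-Name",
}


def _clean(value):
    """Render a claim as a header value; refuse CR/LF so a claim cannot add headers."""
    text = ",".join(map(str, value)) if isinstance(value, (list, tuple)) else str(value)
    if "\r" in text or "\n" in text:
        raise ValueError("control characters in claim value")
    return text


def build_upstream_headers(inbound_headers, claims):
    """Return the headers to forward to the app for an authenticated session."""
    identity = {h.lower() for h in HEADER_MAP.values()}
    # 1. Drop any client-supplied copy of an identity header (case-insensitive).
    out = {k: v for k, v in inbound_headers.items() if k.lower() not in identity}
    # 2. Set identity headers only from the validated session claims.
    for claim, header in HEADER_MAP.items():
        if claim in claims:
            out[header] = _clean(claims[claim])
    return out


# Constructed sample: a request that already carries an identity header,
# and the claims from the session the proxy validated.
SAMPLE_INBOUND = {
    "Host": "hr.internal.example",
    "x-remote-user": "admin@example.com",
    "Accept": "text/html",
}
SAMPLE_CLAIMS = {"email": "alice@example.com", "groups": ["hr", "staff"]}

if __name__ == "__main__":
    for key, val in build_upstream_headers(SAMPLE_INBOUND, SAMPLE_CLAIMS).items():
        print(f"{key}: {val}")
```

Header-based identity is only as trustworthy as the network path: the app should accept connections from the proxy alone, otherwise the stripping step can be bypassed.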
Zero Trust with Zero Limits
Maverics can assemble authentication, MFA, device verification, granular authorization, and risk scoring based on the needs of applications and your data’s sensitivity. Build intelligent identity flows and swap in the services needed as your needs or the threat landscape changes.
Incremental Migrations. Breakthrough Flexibility.
Maverics enables gradual lift and shift of different apps to the cloud and selective migration of identity systems. Maverics gateways and proxies play nicely with existing network topologies that enable legacy SiteMinder, OAM, ClearTrust, Ping, and Active Directory to coexist seamlessly with cloud identity from Azure AD and Okta.
Unify Identity Across Clouds and On-Premises Environments
Maverics’ Identity Control Plane enables changes in identities on cloud systems like Azure AD and Okta to be propagated back on-premises to keep identity consistent across new and old identity systems.
Create cohesive distributed identity management out of fragmented identity silos spread across multiple clouds and on-premises systems.
How Maverics Secure Hybrid Access Works
- Deployed on-premises and in your cloud platforms as a simple, lightweight service.
- Runs as either a standalone cloud proxy or integrated directly into web and app servers through a unique gateway model.
- Defines and registers on-premises apps to Azure AD or Okta and to Maverics.
- Accepts authentication from trusted identity systems like Azure AD and Okta and then passes sessions to apps using the appropriate session technology.
- Assembles consistent identity profiles from any number of identity and attribute providers and then passes this identity context into apps as part of the last-mile integration process.