Access Control Consolidation
To manage the different business needs of managed employees, unmanaged third-parties, and site-to-site connections, enterprises often deploy costly point solutions, with separate infrastructure and management processes for each one. CrossLink consolidates all these disparate mechanisms into a single infrastructure and policy management process.

• Managed Users: The CrossLink client can be configured for L3 SSL-VPN support for managed users. Granular access policies and unique Single Sign-On (SSO) capabilities still apply.
• Unmanaged Third-Parties: Unmanaged users require highly controlled access policies, often at the level of individual applications, URL's, or file shares. With proprietary L7 AppTunnel (TM) technology, CrossLink provides a highly controlled L3-style experience while maintaining a minimal footprint and no administrator requirements. For example, CrossLink provides tight integration with Windows File and Print Services (including native file share mapping and printing to corporate servers/printers), capabilities that are not generally available in typical layer 7 clients.
• Site-to-Site: With CrossLink STS technology, remote sites can be connected through L3 SSL-VPN, using the same backend infrastructure and access control policies, greatly reducing service costs. Because the backend infrastructure is consolidated, additional sites can be added quickly and at low cost.
• Zero Footprint Access: In zero footprint mode, CrossLink provides access to web applications hosted within the corporate network via any standard web browser. CrossLink's granular access policies, multiple authentication methods, and unique SSO capabilities can be leveraged to enforce the required security policies while maintaining a seamless end-user experience. In addition, CrossLink's highly-flexible and customizable application externalization engine allows even the most complex web sites to be made accessible in zero-footprint mode.

Granular Access Policies
In addition to the usual network-layer controls, CrossLink allows administrators to control access to resources using highly-specific policies. For example, policies can be defined that restrict access down to the level of individual URLs for web applications, or specific protocols for client/server applications, or even a particular directory within a file share. In this context, access to applications does not dictate a particular network architecture or segmentation.

Business Continuity and Disaster Recovery
Disasters such as hurricanes and pandemics test the ability of an enterprise to maintain business continuity in the face of adversity. Because CrossLink consolidates access control mechanisms, users can seamlessly continue business operations even as their endpoint and location varies. For instance, as an employee transitions from a managed company laptop to an unmanaged home PC, the access policy might become more restrictive, but the user experience is consistent and seamless.

Performance and Scalability
CrossLink server infrastructure runs a specially hardened operating system and can use a wide variety of hardware platforms, from entry-level commodity x86 servers to large enterprise-scale servers, which are fully built and delivered by Cognitas as appliances. Additionally specialized cryptographic FIPS 140-2 Level 3 certified accelerator hardware is supported. The CrossLink server infrastructure can scale to any practical number local or distributed servers, and multiple servers can be clustered in both locally- and geographically-distributed modes for load balancing and fail-over. In addition, CrossLink servers can be rapidly and easily virtualized into segregated and independent instances, reducing the cost and enhancing the flexibility of the entire server infrastructure.

Manageability
CrossLink can be centrally-managed regardless of the deployment mode, whether deployed as a single instance or multiple instances distributed locally or geographically. In addition, CrossLink can leverage existing LDAP-based enterprise directories as the repository for all configuration and customization data. This enables enterprises to take advantage of redundancy and failover capabilities already available within their directory services infrastructure, as well as lower costs by simplifying integration. An example could be using existing identity management services to provision CrossLink services.

Cloud Access
CrossLink supports a unique deployment architecture that allow enterprises to push the secure access gateways out to the "cloud" (managed, for instance, by network providers), in order to further simplify the infrastructure and reduce costs. CrossLink clients can connect to multiple gateways simultaneously, providing connection routing based on real-time performance metrics and connection health.

Access Control Consolidation | Secure Seamless Access | Three Edges of Data Risk | Compliance Auditing and Reporting