QTrust Server

Decoupling - Plug out the cable ...

The most common way to protect one-self from potential threats is to setup a firewall at the gateway between internet and intranet. However this is only representing the absolute minimum of security because even a firewall in front of mail and web servers has holes. Of cause these are pre defined for selected services but they allow direct connections between clients and servers - an attacker is able to offend the productive systems straightforward.

Definitely a far more secure way is to plug out the cable to the internet. For almost every company this is not a feasible way of doing it nowadays. However the approach of the QTrust Server is close to this method but without completely restricting functionality.

Since it is the central interconnection between all external and internal networks the QTrust Server completely eliminates the direct dataflow between all connected networks. All connections are decoupled and checked by the QTrust Server on the network (IP) as well as at the application level. All services on the attached internal servers and in the DMZ(s) are “mirrored” to the outside by the QTrust Server. The QTrust Server acts as a secure gateway for all communication and protects the attached systems, such as mail servers, web servers, etc. (based on the Sandbox Principle). This has to say that even in the case an attacker achieves hacking into the system he is trapped in the QTrust Server and has no access to business-necessary data stored on the secured networks.