SphereShield is a security platform designed to let companies deal with issues of access control, compliance, and threat protection. The SphereShield platform is based on a propriety reverse proxy with extendable multi-protocol filtering capabilities, and an admin site for product management, reporting and, configuration.

SphereShield can be implemented for on-premise or cloud as a CASB.

The platform is the basis for AGAT’s solutions for Skype for Business and ADFS and can be used to address security requirements of other product.

The SphereShield platform enables the following services:

Identity and Access Control

Multi-Factor Authentication

With additional factors for sign-in aside from credentials, the sign-in process becomes more secure while at the same time not hindering the day to day work of the users. SphereShield enables authentication based on device enrollment or mobile client apps. In addition, the solution includes a self-service portal fordevices management.

MDM Device Verification

Integration with leading MDM vendors both on client and service side.The integration allows setting restriction for access based device security level and blocking access once a device become Out of Compliance. Current vendors supported by SphereShield: MobileIron, IBM MaaS360, VMWare AirWatch, BlackBerry, Citrix XenMobile.

Account Lockout Protection

Account lockdown via DoS/DDoS attacks is a considerable threat to any service that relies on secure authentication such as Skype for Business or any ADFS based cloud service. By sending multiple failed login attempts under one username, an attacker can easily lock down an account. SphereShield offers a unique solution for blocking such attacks, which will still allow authorized users to continue accessing cloud-based services even while the attack is ongoing.



Data Leak Prevention

Inspecting the content sent via different protocols such as HTTPS, SIP, and ActiveSync and ensuring that no sensitive info is passed. SphereShield DLP engine can be used on its own or be integrated with leading vendors in the market including Symantec, McAfee, and ForcePoint.

Data Governance and eDiscovery

Data governance is the ability to control your data: gaining access to it when you need it and getting rid of it when needed. SphereShield offers tools for quickly accessing and managing achieved data. The module enables advanced search for data and easy deletion of obsolete information.

Ethical wall

SphereShield enables companies to enact policies controlling communicationbased on different parameters such as user or groups, ensuring tight control over communication and compliance with regulatory demands.  Control capabilities cover the establishment of the communication as well as what operations should be allowed within the communication.


Threat Detection and Prevention

User and Network Behavior Detection

SphereShield allows admins to profile user and network behavior to detect anomalies such as an impossible traveler or unusual volumes of traffic.

Anti-Malware and Anti-Virus

SphereShield inspects traffic for Malware or Viruses in the DMZ before it reaches the network or enters to the cloud. This module is Integrated with leading vendors such as Kaspersky.

Auditing and Security events

Register security related activities and trigger events for SEIM & SCOM systems.