Visual Guard
     
 
Visual Guard Architecture

Visual Guard is a flexible solution that complies with most architectures and technical requirements.
Below are several examples of possible implementations:

Visual Guard Enterprise Edition - Public Mode
Visual Guard Enterprise Edition - Private Mode
Visual Guard Enterprise Edition - Basic Mode
Visual Guard Enterprise Edition - Mixed Mode		 Visual Guard Professional Edition for .NET
Visual Guard Professional Edition for PowerBuilder

Visual Guard Enterprise Edition – Public Mode

VG Server Exposes Web Services to secure multiple technologies with the same system

Access Control Life Cycle

securité s deploiement s

 

initial deployement Development

Developers define permissions with the VG Win Console.
Permissions are stored in a development repository.
Developers deploy the permissions into production with a VG utility		   permissions development

Daily IAM Management Administration

Administrators manage Users and grant them permissions.
They update the production repository with the VG Web Console		   users and permissions management

Subsequent Deployments Enforcement

VG Server exposes Web Services for User Authentication and Access Control.
Applications call VG Web Services to verify the user identity and check his access Privileges.
Each operation performed by the user is logged in the VG Repository.		   Security enforcement

Subsequent Deployments Audit

Auditors use a specific application provided with VG.
They can control user attributes, roles and privileges across multiple systems. They can also review user operations.

   Security audit
c s c s

 Notes
securité s deploiement
  • Any windows or web application capable of SOAP calls or HTTP Requests is supported.
  • Applications do not need a direct access to the database.
  • Neither do the Administration Console or the Auditor Application.
  • Users, Administrators and Auditors can operate from any location with Internet Access
  
c s c
   

Top

Visual Guard Enterprise Edition – Private Mode

.NET applications with no direct access to the repository, communicating with the VG Server

Access Control Life Cycle

securité s deploiement s

 

initial deployement Development

Developers define permissions with the VG Win Console.
Permissions are stored in a development repository.
Developers deploy the permissions into production with a VG utility		   permissions development

Daily IAM Management Administration

Administrators manage Users and grant them permissions.
They update the production repository with the VG Web Console		   users and permissions management

Subsequent Deployments Enforcement

End-users log in to the .NET application.
The VG runtime calls the VG Server to verify the user identity. The VG Server sends the user permissions back to the VG runtime The VG Runtime enforces user permissions by dynamically changing the application.		   Security enforcement

Subsequent Deployments Audit

Auditors use a specific application provided with VG.
They can control user attributes, roles and privileges across multiple systems. They can also review user operations.

   Security audit
c s c s

 Notes
securité s deploiement
  • Applications do not need a direct access to the database.
  • Neither do the Administration Console or the Auditor Application.
  • Users, Administrators and Auditors can operate from any location with an Internet Access
  
c s c
   


Top

Visual Guard Enterprise Edition – Basic Mode

.NET applications directly accessing the repository. The VG Server is not installed in this configuration.

Access Control Life Cycle

securité s deploiement s

 

initial deployement Developement

Developers define permissions with the VG Win Console.
Permissions are stored in a development repository.
Developers deploy the permissions into production with a VG utility		   permissions development

Daily IAM Management Administration

Administrators manage Users and grant them permissions.
They update the production repository with the VG Web Console		   users and permissions management

Subsequent Deployments Enforcement

End-users log in to the .NET applications.
The VG Runtime queries the VG Repository to verify user identity.
The VG Runtime retrieves the user permissions and enforces security by dynamically changing the applications.		   Security enforcement

Subsequent Deployments Audit

Auditors use a specific application provided with VG.
They can control user attributes, roles and privileges across multiple systems. They can also review user operations.

   Security audit
c s c s

 Notes
securité s deploiement
  • Applications need a direct access to the database.
  • Administration Console or the Auditor Application do NOT require such direct access.
  • Administrators and Auditors can operate from any location with Internet Access
  
c s c
   

Top

Visual Guard Enterprise Edition – Mixed Mode

A combination of Basic, Private and Public Mode in the same production environment

Access Control Life Cycle

securité s deploiement s

 

initial deployement Development

Developers define permissions with the VG Win Console.
Permissions are stored in a development repository.
Developers deploy the permissions into production with a VG utility		   permissions development

Daily IAM Management Administration

Administrators manage Users and grant them permissions.
They update the production repository with the VG Web Console.		   users and permissions management

Subsequent Deployments Enforcement

  • Some .Net applications access directly the repository (for instance webforms and webservices)
  • Other .Net applications call the VG Server in private mode (for instance Winform applications running on remote sites)
  • Other technolgies call the VG Server in Public Mode (for instance Java, C++, PHP or PowerBuilder applications).
   Security enforcement

Subsequent Deployments Audit

Auditors use a specific application provided with VG.
They can control user attributes, roles and privileges across multiple systems. They can also review user operations.

   Security audit
c s c s

 Notes
securité s deploiement
  • All the applications are secured by the same system, no matter the technology or the location of the user.
  • Administrators and Auditors can operate from any location with an Internet Access
  
c s c
   

Top

Visual Guard for .NET Applications Architecture

Top

Visual Guard for PowerBuilder Architecture

Top

 
 
Other Solutions:
User Authentication, User Permissions, Identity Federation and Audit for PowerBuilder and .NET
Single Sign-On (SSO), Windows Authentication, integration with Active Directory and ADFS 2.0
Access Control for Silverlight, WCF, WPF, asp.net, Winform, Java and PowerBuilder applications
Protect your PowerBuilder code against reverse-engineering and powerbuilder decompiler
Localization and translation of PowerBuilder Projects
Code analyzer for Powerbuilder, PL/SQL , Sybase ASE TSQL, and SQL Server TSQL
Cross references, documentation tools and advanced code exploration
PowerBuilder to web migration tools. Use the productivity of PowerBuilder for Web developments
Web-deployment: Convert PowerBuilder to .Net or Convert PowerBuilder to Java
Let users make changes in PowerBuilder applications for customization purposes
Let end-users customize or update a PowerBuilder application. No development skill required

Other Products:
Visual Guard - PowerBuilder and .Net Security
Visual Expert - Maintenance of PowerBuilder applications
Enable - localization and translation of PowerBuilder Projects
Appeon - PowerBuilder to web deployment
Customization Studio - Let non-developers customize PowerBuilder apps

Other Resources:
Novalys - PowerBuilder and .NET Companion Tools
PowerBuilderTV - PowerBuilder Webcasts
Worldwide PowerBuilder Survey