Advanced Security for PowerServer Applications

Modernize and strengthen security without coding

  • OAuth 2.0 and SSO support
  • Modern PB client authentication
  • Fine-grained permissions (PB client and WEB API)
  • Traceability of sensitive operations
  • Real-time monitoring
  • Audit and compliance with standards
 

Free Trial

PowerServer Application Security

Beyond the first level of security provided by PowerServer, some projects need to strengthen their protection and comply with the latest standards.

Visual Guard strengthens and modernizes your security without changing your code

Modernize authentication methods

Learn more

Secure the API with fine-grained permissions

Learn more

Tracking, Monitoring, and Security Audit

Learn more

User authentication The end of login/password windows

Implement Single Sign-On (SSO)

Visual Guard integrates with Active Directory.

Users can log in with their Windows account. In addition to avoiding redundant user account management, users will be able to log into the application without entering login information.

SSO

The Windows account is automatically recognized

Permissions are applied automatically

Works for desktop and web applications

Multi-factor authentication

Increase sensitive transaction security with an additional authentication factor


Authenticate users with their their account  +  a mobile device

OAuth 2

Integrate your PB applications with an OAuth authentication system.

Comply with corporate standards.

Unify authentication methods.

Fine grained authorizations in the Web API

Easily create fine-grained permissions at resource level, regardless of the Client's technology

The Web API created by PowerServer can be extended by Web services on the back-end.

The REST API can then be exposed to PB clients but also to other applications developed in different technologies: PB, Angular, React...

Traceability, Monitoring, and Security Audit

Considering the number of attacks targeting the sensitive data, or the application's features, application security auditing has become a necessity.
An increasing number of legislations engage the responsibility of organizations regarding data protection.

The Visual Guard Web Console allows you to monitor and track sensitive operations as well as review application security (permissions structure).

Traceability

  • Log important events: user logon, business operations, system security events...
  • Analyze business trends and detect possible issues with historical graphs.

Real-Time Monitoring

Follow important activities: access to confidential data, critical transactions, security changes.

Detect suspicious events - e.g., critical operations at unusual times.

 

Security Audit

Review operations performed by business or privileged users.

Generate reports about the access control configuration (users, groups, access rights, etc.).

Security Alerts by email

Easily create workflows that will trigger alerts based on the events you choose

Immediately receive an email alert

Ready to use tools

The administration console allows you to configure and supervise all the security of the application:

  • Configuration: security repository, authentication, integration with PowerServer
  • User management: accounts and groups
  • Authorizations : Permissions and Roles
  • Audit and Monitoring: audit of authorizations, event analysis, monitoring of sensitive operations
  • Workflow: graphically create events that need to be tracked
  • Define security alerts: Create email templates, define rules

Visual Guard Identity Server

The identity server is an essential component of application security.

It allows to verify the user's identity and to generate a token containing information about him (Claim).
Stored on the client, it will be used each time the user accesses a resource (data, Web Services...) via the Web API.

PowerServer includes an identity server that essentially authenticates the user.


The Visual Guard Identity Server goes further.
It provides advanced features such as :

Single Sign-On,

Fine-grained authorizations on the server side,

Security audit.

 

Codeless integration

Because of its PowerServer-specific design, Visual Guard does not require any changes to the application code.
It only takes a few lines of code to connect it to your system.

Which Identity Server for PowerBuilder

 


Plug & Play

Visual Guard is very simple to implement and can be implemented in one hour:

Only a few lines of code are needed to call the Visual Guard runtime

All the other elements that make it up can be configured using wizards.

Architecture de Visual Guard for PowerServer

  1. A user logs in the PowerBuilder Client Application
  2. VG Identity Server authenticates the user.
  3. VG Identity Server returns a Security Token.
  4. The client sends a request to access resources.
  5. Visual Guard intercepts the request and verifies:
    - the token is valid,
    - the user can access the Web API,
    - he can access the resources (DW, eSQL) for this type of access (C/R/U/D).
  6. If user authorizations are OK, the request is executed.
  7. Administrators use VG Admin UI to:
    - Manage User Accounts
    - Define and grant Authorizations
    - Monitor and Audit security