Secure Hybrid Access

Unifying Cloud and On-Premises Worlds

Strata Overview - Distributed Multi-Cloud Identity Management

How does Strata enable Secure Hybrid Access and achieve Zero Trust?

Strata’s Maverics Identity Orchestration extends access to on-premises apps to cloud-based users, providing a Zero Trust approach to reaching on-premises apps from the cloud. Maverics extends standards-based authentication from cloud identity systems to on-premises apps, providing sophisticated last-mile integration with no changes to apps.

This solution enables incremental moves to the cloud while supporting the coexistence of old and new identity systems. Consistency between cloud and on-premises identity systems allows identity and policies to work seamlessly across both.

Challenges with Secure Hybrid Access

Many apps built before the cloud’s Zero Trust architecture were not designed to work across hostile networks.

  • Legacy IAM software was not designed to work in cloud environments and must be replaced with cloud-native identity.
  • Interoperability between new cloud identity systems and existing on-premises identity systems is required.
  • Most existing network configurations are not granular enough to control access based on identity context data.
  • Granular access policies are needed to support Zero Trust’s identity-as-the-new-perimeter model.
  • Moving apps to the cloud and upgrading identity systems means expensive and time-consuming rewrites and maintenance of custom code.

Easily deliver on-premises and cloud apps through your portal

Maverics enables delivery of on-premises apps through cloud portals from Azure AD or Okta. Easily extend SSO sessions from the cloud to on-premises apps and deliver them to your users through a convenient cloud portal.

Maverics can also be used to mix and match apps and IDPs for different users, based on what works best for your use case. Maverics doesn’t lock you into any single portal but instead delivers a wide variety of apps including Citrix-hosted, SaaS, and more. Maverics assembles the solution that is right for the app, the platform, and the users accessing it.

Effortless SAML/OIDC enablement. No rewrites required.

Maverics transforms SAML/OIDC sessions into HTTP headers with smart mapping capabilities, so existing apps need no rewriting or other changes. Maverics even supports sessions for many legacy web apps that must move to the cloud, without compromising security or usability.

Zero Trust with Zero Limits

Maverics can assemble authentication, MFA, device verification, granular authorization, and risk scoring based on the needs of applications and your data’s sensitivity. Build intelligent identity flows and swap in the services needed as your needs or the threat landscape changes.

Incremental Migrations. Breakthrough Flexibility.

Maverics enables gradual lift and shift of different apps to the cloud and selective migration of identity systems. Maverics gateways and proxies play nicely with existing network topologies, enabling legacy SiteMinder, OAM, ClearTrust, Ping, and Active Directory to coexist seamlessly with cloud identity from Azure AD and Okta.

Unify Identity Across Clouds and On-Premises Environments

Maverics’ Identity Control Plane enables changes in identities on cloud systems like Azure AD and Okta to be propagated back on-premises to keep identity consistent across new and old identity systems.

Business Impact

Create cohesive distributed identity management out of fragmented identity silos spread across multiple clouds and on-premises systems.

Make on-premises apps available quickly to remote workers without the complexity or expense of additional VPNs.

Improve predictability and flexibility through incremental migrations versus the risk of Big Bang switches.

Save money and time by avoiding rewriting apps to make them work on the cloud or with new identity systems.

Preserve the user experience with no changes.

Gradually deprovision expensive and bloated legacy identity infrastructure and save on support costs.

Securely run and manage apps and identities across multi-cloud and hybrid infrastructures.

How Maverics Secure Hybrid Access Works

Create cohesive distributed identity management from fragmented identity silos spread across multiple clouds and on-premises systems.

  • Deployed on-premises and in your cloud platforms as a simple, lightweight service.
  • Runs as either a standalone cloud proxy or integrated directly into web and app servers through a unique gateway model.
  • Defines and registers on-premises apps to Azure AD or Okta and to Maverics.
  • Accepts authentication from trusted identity systems like Azure AD and Okta and then passes sessions to apps using the appropriate session technology.
  • Assembles consistent identity profiles from any number of identity and attribute providers and then passes this identity context into apps as part of the last-mile integration process.
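
The session-to-header hand-off described above is only safe if the app can trust the identity headers it receives, so the component performing it has to discard client-supplied copies before injecting its own. An added sketch of that step (not Strata's or Maverics' code; the header names, mapping and sample data are hypothetical, and the claims are assumed to have been validated by the proxy already):

```python
# Added illustration: names, mapping and claims are hypothetical, not Maverics config.
CLAIM_TO_HEADER = {          # hypothetical mapping: verified claim -> header the app reads
    "email": "X-Remote-User",
    "groups": "X-Remote-Groups",
    "amr": "X-Auth-Methods",
}

def _canon(name):
    # Many servers/CGI layers treat '_' and '-' alike and ignore case,
    # so "x_remote_user" must be matched as "X-Remote-User".
    return name.replace("_", "-").lower()

def build_upstream_headers(inbound, claims, mapping=CLAIM_TO_HEADER):
    """Return the headers to forward to the legacy app.

    inbound: headers received from the browser (untrusted).
    claims:  claims from a SAML assertion / OIDC ID token that the proxy has
             ALREADY validated (signature, issuer, audience, expiry).
    """
    reserved = {_canon(h) for h in mapping.values()}
    # 1. Strip anything the client sent that could be read as an identity header.
    out = {k: v for k, v in inbound.items() if _canon(k) not in reserved}
    # 2. Inject identity headers from verified claims only.
    for claim, header in mapping.items():
        if claim not in claims:
            continue  # header stays absent; the stripped client copy is not restored
        value = claims[claim]
        values = value if isinstance(value, (list, tuple)) else [value]
        values = [str(v) for v in values]
        # CR/LF would split the header; ',' would forge an extra list item.
        if any(c in v for v in values for c in "\r\n,"):
            raise ValueError(f"unsafe character in claim {claim!r}")
        out[header] = ",".join(values)
    return out

# Constructed sample input.
SAMPLE_INBOUND = {
    "Host": "hr.example.internal",
    "Cookie": "session=opaque",
    "x_remote_user": "admin@example.com",      # spoofed, underscore variant
    "X-REMOTE-GROUPS": "payroll-admins",       # spoofed, different case
}
SAMPLE_CLAIMS = {"email": "alice@example.com", "groups": ["hr", "staff"], "amr": ["pwd", "mfa"]}

if __name__ == "__main__":
    for k, v in build_upstream_headers(SAMPLE_INBOUND, SAMPLE_CLAIMS).items():
        print(f"{k}: {v}")
```

The legacy app must also accept traffic only from the proxy (network policy or mutual TLS); a request that reaches the app directly bypasses this filtering.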