All web application firewalls (WAFs) filter data traffic. But Airlock WAF does far more: when combined with Airlock Login or IAM, Airlock WAF provides a central policy enforcement point for authentication and authorization. We are convinced that upstream authentication is the most important security filter bar none.
Why is two-factor authentication (2FA) so important? Because passwords are often stolen, forgotten or guessed. That's why they should be backed up with a second factor. But deciding to do this separately in every application is a costly undertaking that would soon become technically outmoded, because the application landscape is constantly growing and changing. Nor should the architectural complexities of this approach be overlooked. With Airlock, the decision on a central solution only needs to be taken once: it doesn't matter which applications (or how many) you decide to "hook up", and these aspects have no impact on the cost.
We have already integrated the best authentication methods directly in Airlock Login and Airlock IAM. We also link up existing user directories and databases – so there is no need to do this separately for each application. If additional profile information is needed (e.g. to register new tokens), it can be provided by expanding existing profiles or by an additional persistence layer.
- Two-factor authentication (strong authentication)
- Single sign-on
- User self-services