Secure connection to the Internet
SIG works as a bridge connecting two otherwise separate TCP/IP networks and allows defined
incoming traffic to be routed from one network to another. The server (Front Server) connected to
the Internet is connected, through the serial interface, to another server (Back Server) that is
connected to the internal network. Thus the Front Server and the Back Server communicate with each
other over the serial port, which directly transmits application session data using a
proprietary point-to-point protocol. The use of multi-port adaptors or SCI (Scalable Coherent
Interface) ensures higher throughput. There is no other connection between the two servers;
not even system data from the TCP/IP connection is transmitted.
Alternatively, SIG can be used as an application router located in one network, ensuring
the routing (translation) of TCP connections.
The access of any computer from the internal network to the Internet goes through the Back
Server. This method of connection to the Internet is suitable for the operational needs of a web
server, but it does not technically allow access to the network. Using the SIG system thus
eliminates any intrusion into the local network from the Internet due to a mistaken or
intentionally wrong firewall configuration, a security bug in the firewall, or a Windows service
installed by mistake.
Securing Transmissions using SSL
SIG allows use of the SSL standard to verify the communicating parties as well as to protect the
transmitted data. SSL can be optionally used for unilateral authentication (of the server),
bilateral authentication (both of the client and server), and encryption.
Certificates of registered users (clients) are stored in the SIG certificate database,
which allows efficient access to them during the verification of a user's identity. The
database also stores the owner's certificate.
HTTP Proxy
The objective of the SIG system is to provide a truly comprehensive solution. Therefore, SIG also
includes an HTTP proxy solution for the optimization of access to the Internet.
Extension possibilities
SIG is based on an open architecture, so it can be complemented with newly developed
modules to expand its possibilities and security features. Such an extension can be, for instance,
a custom implementation of a module for the conversion of two application protocols. For instance,
the integration of SIG and OfficeLine WWW allows the consolidation of several web servers towards
the client.