Datacloak DACS

The core components of DACS consist of the client, the security brain, the DACS zero-trust control center, and the DACS zero-trust security gateway. The functions of each component are as follows:

1. Client: It is responsible for establishing a kernel-level security sandbox on the terminal, dividing the terminal from the kernel layer to the application layer into personal space and enterprise workspace. The software (applications) and data running in the secure workspace have data protection functions such as link encryption, disk encryption, data isolation, network isolation, clipboard isolation, application control, process control, peripheral control, and screen watermarking, ensuring that enterprise business resources and sensitive data are in a completely secure and controllable environment. At the same time, the client also executes terminal authentication, data collection, and resource access policies, and collects and transmits terminal data to the security brain for further auditing, analysis, and security warnings.

2. Security Brain: The security brain perceives various events on the platform through data tentacles spread throughout the system, from the terminal to the application and then to the network, and performs event correlation, comprehensive analysis, and decision-making, achieving three core capabilities: AI-driven continuous verification, adaptive security, and multi-dimensional comprehensive auditing and situational awareness.

3. Zero-Trust Security Center: The security center is the control room and dispatch center. The strategy formulation, strategy distribution, and strategy execution of each component are all uniformly commanded and scheduled by the security center. This includes identity and account management, authentication methods and login session management, unified management of static and dynamic permission policies, unified management of platform assets, and unified management of workflows and business processes. At the same time, the security center supports open API interfaces, and through personalized workflows and data flows, it can be integrated with the existing security architecture of enterprises to meet various flexible enterprise scenario requirements.

4. DACS Zero-Trust Gateway: It is mainly responsible for establishing and closing data encryption transmission channels, achieving secure data access and precise control for business. Based on the strategies and instructions from the security center, it provides secure connection capabilities and fine-grained access control capabilities. At the same time, the gateway can provide traffic analysis capabilities, including source IP, port, destination IP, port, protocol, and other information at layers 3 and 4, as well as URL path, HTTP headers, and other information at layer 7. It supports the connection of all traffic information from the security center platform to third-party analysis platforms through Syslog.