News

CroGuard release 2.1

New Features

• OpenID Connect authentication and authorization

  Authenticating users with OpenID Connect is available in CroGuard 2.1. Each tenant can configure its authentication to use OpenID Connect (or short OIDC) with auto-user provisioning.

  Authorization can also be offloaded to the OpenID Connect Identity Provider by automatically assigning group memberships to users on login.

  The configuration is easy as it supports OpenID Connect Discovery which makes the process less error-prone and is supported by all major identiy provider solutions like Keycloak, Microsoft Entra ID and Okta just to name a few.

• OpenAPI version 2.1

  The CroGuard OpenAPI version 2.1 was extended for tenants to configure their OpenID Connect authentication and authorization.

CroGuard release 2.0

New Features

• Multi-Tenancy

  A multi-level tenancy model is available in CroGuard 2.0. It enables service providers and multinational corporations to host several isolated tenants with a secure role-model for all configured levels. This includes a new 'Tenant Admin' role as well as a foreign tenant access listing.

• First Time Wizard

  The new first time wizard makes installing the license and creation of the initial administrator user a breeze.

• OpenAPI version 2.0

  The CroGuard OpenAPI version 2.0 enables multi-tenancy, returns more granular HTTP response codes and uses stricter validation for even more detailed error messages and improved vendor compatibility.

Improvements

• keep forms open on error
• auto focus input fields when adding list items
• highlight selected version in all timelines and history tables
• improved performance of all network object pages
• improved user permission visualization
• new main menu icons for easier recognition
• extended role permissions

  To ease the work of several roles by granting them more read-only permissions.

Our Vision

“CroGuard helps firewall admins, CISOs, application administrators and other operations and security staff to elevate IT management to a maximum extent of simplicity with a focus on security.”

Think Different

Forget about all means of firewall management ever evolved and find an ease in CroGuard’s resource management. Diverge application management across business-responsible parties, accelerate IT security operations and make your digital business future-proof.

The CroGuard Way

Let’s explore the CroGuard family and demystify the complexity of firewall management.

Resource administrators, the owners of all your business applications and services, know best what network connections are required to access them.

Network object administrators can manage single IPv4/6 addresses (“hosts“), networks, ranges and groups of the just mentioned. Those objects are used as the source of access requests.

Requesters can create, modify or request deletion of access requests. Thanks to the simple nature of CroGuard this role can be assigned to all employees without the need for special knowledge about networking or firewalls. Access requests need to be approved by a member of each requested resource owner group prior to handing them over to firewall admins for implementation.

Firewall administrators implement changes of objects, resources and access requests. All objects are fully versioned, echoing who created, changed or deleted the same, adding reason and timestamp.

Auditors can view a timeline of all those changes.

Application administrators manage users, user groups and their assigned roles. The users` role is the sum of directly assigned and group roles.

Your Value

This approach enables all authorized employees to request access to applications and services in a documented and reproducible manner. Firewall administrators are relieved from the pain to meticulously study requirements for application access to map them into firewall rules.

Benefits

• faster handling of requests
• less errors through better data by the owners responsible for their services
• significantly increased visibility of possible network access options

especially for Managed Service Providers

• multitenancy
• IPv6 support

Features

• vendor independent access management
• workflow-driven with versioning of all major objects
• easy extension of policy to additional security products
• no vendor lock-in
• IPv4, IPv6 and FQDN based access control
• detailed role-based access control
• responsive WebUI with light and dark color modes
• OpenAPI 3.1 with full documentation

Supported Products

• Aruba EdgeConnect SD-WAN Orchestrator
• Cisco Firepower Management Center
• Check Point Manager
• Fortinet FortiManager
• Versa Secure SD-WAN Concerto & Orchestrator

Licensing

Enterprise

As almost every job in today’s world depends on the IT of a business, CroGuard license tiers are based on the number of enterprise employees.

Order CroGuard for one of the following tiers that fit best for your business:

• 1-100
• 101-500
• 501-1000
• 1001-2500
• 2501-5000
• 5001-10000
• 10001-25000
• 25001+

Managed Service Provider

For multitenancy licensing please contact us at msp@croguard.com.

Distributor

Our exclusive distributor is FEN!X.

About Us

Having spent more than 20 years in managing and automating the firewall business of MSPs, I felt the urgent need to develop a new model of enterprise resource access management as such. It became increasingly clear to me that the conventional approach of implementing access to resources (applications and services holding data) had to be reinvented from scratch.

Resources of enterprises are the core of importance, hence access to them should be manageable for everybody at any time. The essence of CroGuard is to aid the small group of IT administrators, unburdening them from the pain of what we classically term as “firewall rule management”. Inter-company workload distribution, combined with the infinite power of automation for well-known network security vendors, lifts OPEX savings noticeably and, on top, frees valuable IT-manpower for more complex tasks.

- Alexander Hartmaier