SPAN Technology

Accops HySecure’s Secure Private Application Network (SPAN) technology enables a high performance, simplified remote access deployment. Accops’s SPAN technology makes remote and mobile users access business applications from any device without requiring any network adaptor installation or creating complex network routing changes. SPAN technology makes sure, user’s get the fastest experience when on high latency and slow networks, while network security administrators can ensure full control on which applications are exposed to roaming users.

Strong Endpoint Control

Before an end user is allowed to access the applications, it is mandatory for organizations to detect, scan and evaluate the trust level of the device used by the user. Based on the trust level of the device, HySecure can control the endpoint and make sure the device is not compromised while user is accessing the applications. HySecure can control and restrict Internet access on end user machine. HySecure can also detect the device location and implement different policies based on the location of the device.

Scalable, Reliable & Highly Available

With built-in Load Balancing and high availability features, Accops HySecure can scale to thousands of users to ensure required uptime for business critical operations. HySecure has built-in load balancing for incoming users, as well as application traffic to ensure that the deployed hardware is effectively used. HySecure can be setup in DR mode with client side failover feature so that end users can always connect to a site.

Secure Sandbox computing

HySecure, combined with HyWorks is used by organizations to create a secure sandbox for user computing. In the secure sandbox, the user can be restricted to run limited applications and user can be restricted from copying data from applications to local applications or take the data out of their machine. Secure sandbox can control clipboard, printing functions, desktop session recording, file saving, USB devices and more functions. Based on the user location, the sandbox can adjust itself releasing the restrictions if the user is working from a trust location.

Secure Enterprise Mobility

HySecure enables strong and latest TLS protocol base data security and integrity for application traffic. By deploying HySecure solution, organizations can secure any business application and make it available to end users without requiring any pre-configuration on end users machine. With HySecure, its easy for organizations to enable extranet users, vendors, consultants to bring their own device and get access to applications.

Strong Two Factor Authentication

HySecure includes the HyID, a multi-factor authentication solution which can protect corporate resources with strong authentication. HyID can enable two factor authentication based on One-Time-Password for HySecure login. User must login with a OTP received in SMS, Email or using the Accops HyID Mobile Application. HySecure can do SSO for applications like Microsoft RDP Connection, SSH to Linux Servers and HyWorks, along with presenting OTP for login into desktops, servers and network devices.

Anywhere, Anytime Computing

HySecure provides a single window access to end users which lists the applications that are available to end users, providing a seamless end user experience and reducing the number of support calls. End users can use the HySecure web portal to access business applications. When combined with HyLite access mode, HySecure can deliver any Microsoft Windows and Linux based virtual hosted applications & virtual desktops to end users in a secure sandbox environment. For Power users and locally installed applications, end users can use the HySecure client for desktops to access the applications. HySecure client does not require any pre-configuration and can work from machines without administrative rights and auto-upgrades when new version is available.

Strong Authentication, Authorization & Auditing

Before applications can be exposed to untrusted networks, it is required to secure applications with strong authentication layer. Accops HySecure includes strong multi-factor authentication features which ensures only authorized users can access the applications. Strong device identification features ensures that administrators can control which devices can connect to corporate network and access the applications. HySecure’s flexible, multi-layered authorization framework enables organizations to control access to business applications based on more than 20 parameters. IT administrator can gain insights into who access what at what time through the management console.



  • Web based management console
  • Dashboard with graphical reporting
  • Menu driven console interface for system configuration
  • Wizard driven installation procedure
  • Self-signed certificate generation
  • CLI
  • Delegated administration
  • Certificate based strong authentication for administrators
  • Inline help
  • All web based, TCP and UDP based client-server applications
  • Windows file shares and drive mapping
  • Dynamic port based applications
  • Publish Subnet or IP Range for network access
  • Special support for RDP virtual channels
  • Application server load balancing
  • Session caching for load balanced applications
  • Per application based compression switch
  • MyDesktop for direct personal desktop access
  • Terminal server application publishing via Propalms TSE , RDP & VNC
  • HyWorks VDI
  • TLS 1.0 and above
  • Encryption: Strongest available: DES, 3DES, AES
  • Authentication: SHA-2, RSA 2048/4096s
  • 4096 bit RSA key CA certificate support
  • Internet network masking and IP address/hostname manglings
  • Application level gateway and not layer 2 bridging
  • Hardened gateway operating system
  • Split & Full tunnel modes
  • Authentication based on
    • User identity, OU/group/realm
    • Static passwords, OTP - dynamic passwords
    • Certificates
    • Device signature: CPUID, HDDID, IMEI, more
    • User location, MAC ID, IP Address
    • Endpoint security trust level
  • Integrates with AD/LDAP/RADIUS
    • Two Factor authentication based on
    • Certificates, Device Signatures
    • One Time Passwords (OTP) : SMS/Email/Hardware/Software Token
    • Local database with full customization per user, password policies, password reset support
    • RSA Secure ID or any 3rd party OTP server
  • Fully integrated client-certificate based two factor authentication server with automatic CA and certificate provisioning
  • Email based user provisioning
  • Support for multiple authentication servers with cascading mode
  • Realm based multi-organization support
  • Application based access control
  • Access control based on
    • Device identity and profile
    • Endpoint Security trust level
    • User Authentication method
    • User Role
    • User's organization
    • User's location
  • Dynamic policy evaluation based on run time information about device, authentication method and user role
  • Display of allowed applications and availability of the application server to users
  • Time based restriction policies
  • Scheduled account expiry
  • Block specific groups
  • Multiple VPN Domain based control
  • Control User's Internet access
  • Support for external authorization servers
  • Automatic fetching of group information from AD/LDAP/RADIUS
  • Strong device identification based on 20 parameters includes CPUID, MBID, HDDID, MACID, IMEI No. and more
  • Detect managed and unmanaged devices
  • Login control from managed and unmanaged device
  • Support for checking for antivirus, firewall and antispyware products
  • Real time status check for
  • Last update time
  • Real time protection check
    • Application control based on device profile
    • Mandatory profile for non-avoidable policy checks on all endpoints
  • Quarantine profile for devices that fails all other profile
  • Secure endpoints from attacks over Internet or becoming a proxy for attacks
  • Restrict Internet access of the user based on policy
  • Restricts users from leaking data using clipboard, printing, USB devices, control based on policy
  • Complete reporting of user logons and activity
  • Information logged includes
    • Time of access
    • Username, domain
    • MAC Address of endpoint
    • IP address of endpoint
    • Application accessed
    • Device profile
  • Detailed logging of endpoint security scans results
  • Extract logs in CSV format for feeding to third part report generation
  • Search logs
  • Auto-archiving of logs
  • Monitor and disconnect live users
  • Alerts on new device registrations, user account lockouts
  • Reporting on domain wise access, applications accessed, failed login attempts, concurrency graph
  • Multiple access modes:
    • HyLite portal for clientless access
    • OneGate portal with java applications
    • Agent based access from any browser
    • Full access client for desktops
    • iOS & Android app
  • No configuration required on end user machines
    • Client platforms supported
    • Windows 7/8/10
    • Windows server 2003/2008R2/2012R2/2016
    • Linux OS , MAC OS X
    • iPad / iPhone / Android Access
  • Site to site access
  • HyLite: Access on any device with a HTML5 browser: Blackberry, Windows Mobile, iOS etc
  • Scalable to thousands of users
  • Active-Active N+1 cluster
  • SSL connections load balancing, multiple algorithms
  • Application connection load balancing can distribute the connection for a specific application across multiple app servers in the LAN based on round robin function
  • Session persistence: Users do not need to re-authenticate
  • ISP load balancing for incoming connections
  • Client side failover using Alternate gateways
  • Runs on hardened Linux based platform
  • Menu driven console interface for easy configuration
  • Can run on any standard or custom hardware
  • Runs on virtualization platforms from VMware, XenServer, Hyper-V
  • Integrated HyLite portal for access to Microsoft Windows & Linux based Client Applications and Desktop
  • Printing and File sharing support
  • Seamless access from any device with a browser

Ready to get started?

Connect with Our Technology Consultants