NS One NS One
Bâtiment Oslo - Les Fjords
19, avenue de Norvège - ZA Courtaboeuf 1
91140 Villebon sur Yvette - FRANCE
Tél. : +33 (0)1 69 59 12 00
Fax : +33 (0)1 69 59 12 05

Contact form >

SG One

SG One is the single solution to fully secure all segments of the application layer. Its foundation rests on different compatible modules that secure the various access points to the enterprise’s Information System: e-mail, web, roaming access applications, etc…

At the core of the solution The SG One appliance is based on SG One Framework, with two main modules:

  • The OneWay Module: a network partitioning system which guarantees a tight barrier against the outside world.
  • The Manager Module: a centralized administration interface that enables end users to perform granular and precise security management.

Based on each company’s architecture other modules can be added.

SG One secures various access points to the enterprise’s Information System:

  • Roaming Access Security,
  • Web application Security,
  • E-mail servers Security.

While undoubtedly providing and increased level of security at the existing architecture, SG One remains easy to implement: no intervention or deployment of special software is necessary, thereby making implementation costs and exploitation minimal.

schéma sgone

A SG One architecture involves the installation of two agents to form a “proxy” TCP with rupture of protocol:

  • An External Agent, placed in the Dematerialized Zone (DMZ). From outside it behaves like an application server, but its function is to block customers’ requests. Direct accesses to servers from the Internet or the public DMZ are prohibited, thereby eliminating any risk of attacks from equipment residing in the DMZ.
  • An Internal Agent, placed on the network and protected from the attacks. It establishes connections with the external agent to collect requests and pass them on to the server.

Network partitioning with the module OneWay

schéma oneway

Various DMZ levels alone with coupled with extremely complex firewalls rules is not enough to guarantee an adequate security level against application attacks.

To prevent attacks based on accesses to the applications resident on the corporate network, NS One has developed a single approach to applications security, through the OneWay module. The goal is to reverse the data exchanges flow, via a partitioning system network (diode), by configuring the firewalls to block any alien traffic. Hence a protection by rebound on IP level to the corporate network.

OneWay supports any type of application protocol TCP including Web applications (http, https), for the mail servers (SMTP, IMAP, POP) but for protocols owners as well (Lotus Notes, Citrix, etc).



  • Network partitioning
    Very restrictive firewalls configuration.
  • Application firewall
    Detection of attacks at the application level.
  • Simple implementation
    No intervention on client computers and no specific deployment.
  • Web enabled administration
    SSL access to all functions.
  • Access portal to applications
    Automatically generated by the administration interface.
  • Multi-protocol solution
    Relays protocols http, https, ftp, Citrix, POP, IMAP, telnet, etc.
  • High availability
    Double fault-tolerance through redundant architecture.

Ils nous ont fait confiance


Ag2r, AvBank, Axa Banque, Azur Assurance, Banque de France, Banque Populaire, BFT, BNP, Caisse d’Epargne, Crédit Agricole, Crédit Coopératif, Crédit Mutuel, GMF, HSBC, ING Direct, La Banque Postale, Macif, MMA, Société Générale, Sofinco,...