NS One NS One
Bâtiment Oslo - Les Fjords
19, avenue de Norvège - ZA Courtaboeuf 1
91140 Villebon sur Yvette - FRANCE
Tél. : +33 (0)1 69 59 12 00
Fax : +33 (0)1 69 59 12 05

Contact form >
  • Reinforced security
  • Risk of attack minimal
  • Simplified implementation
  • Facilitated administration

To mitigate the problems in securing SMTP flows, it is essential to complement the installation of anti-viral or anti-spam solutions by integrating a real content control policy. In parallel with the solutions traditionally deployed on servers or client workstations, the SG One solution creates a tight barrier between the Internet and the private network by prohibiting direct or bounced access to internal e-mail servers.

By installing the SG One solution to secure your e-mail servers, you allow your users to connect to the SSL gateway through a standard web browser. In this way, they are able to access the internal enterprise resources according to pre-defined rights from any workstation, anywhere.

schema sgone web

The SG One solution

SG One is a solution offered in the form of an appliance to simplify implementation. It makes it possible to secure the various access points to the company’s Information System: e-mail, web, applications, etc. using the various technology modules in charge of security features.

With the implementation of the SG One solution to secure your e-mail servers, you create a tight barrier between the private network and the Internet, by prohibiting the direct access or by rebound to the internal e-mail servers. Indeed, SG One allows the internal network to be separated by the configuration of the firewall in diode. Direct accesses to the e-mail servers coming from Internet or the DMZ are thus prohibited by the firewall, removing any risk of attacks.

Easy to implement, the SG One solution can be put in parallel your anti-viral or antispam solutions, on the servers or client workstation. No intervention or deployment of special software is necessary, reducing thus considerably the costs of implementation and exploitation.

More informations

Each SG One appliance is composed of a framework based on a securised Linux core and of a Reverse Proxy (Virtual hosting and load balancing IP
and URL, End-to-End encryption).
Then various modules are added to meet the customers needs according to their business activities and of the requirements for their security
policy: type of users and accessible applications, volume of information and connections, security level, etc.

schema sgone web

Integrated modules

The OneWay module is based on a unique architecture developed by NS One that uses a system of network partitioning (diode) in order to reverse the direction of data exchanges and to authorize firewalls to block all traffic from external origin

Each SSL VPN appliance includes a Manager module, which is a solution for the management of the network and security configurations. Designed for large-scale deployments, this solution allows granular and precise security management for each protected site. The administration system distributes the network configuration and security policy to the appliances located in the DMZ so as to protect the internal network.

Optionals modules

Message Processor
The Message Processor module allows intelligent processing of
messages. It verifies the validity of the destination addresses using the company’s directory server, identifies undesirable e-mails and allows message prioritization. It therefore addresses the major problems relating to e-mail server management:

  • Protection of the messaging infrastructure against denial of service or «harvest» attacks. The Message Processor module verifies the validity of the destination addresses via the company’s directory server before the message is completely received and refuses invalid SMTP connections.
  • Improved e-mail system utilization. The Message Processor module deletes or identifies undesirable mail messages through the use of filters, including anti-spam and anti-virus.
  • Simplification of e-mail system administration. The Messag Processor module stops or gives priority to certain messages over others.


Separation of SMTP e-mail services

  • Creation of a tight barrier (diode) between Internet and the internal network
  • Suppression of the direct external accesses or coming from the external e-mail server
  • Inversion of the SMTP connections direction

Firewall against denial of services or «harvest» attacks (Message Processor option)

  • Limitation of the sessions number per IP adress
  • Refusal of new connections if the critical point is reached

Filtering (Message Processor option)

  • Installation of black list and white list
  • Optimum rate of filtering
  • Removal of the not requested e-mails
  • Graphic administration interface
  • Management of logs
  • Management of 300 000 users




  • Network partitioning
    Very restrictive firewalls configuration.
  • Application firewall
    Detection of attacks at the application level.
  • Simple implementation
    No intervention on client computers and no specific deployment.
  • Web enabled administration
    SSL access to all functions.
  • Access portal to applications
    Automatically generated by the administration interface.
  • Multi-protocol solution
    Relays protocols http, https, ftp, Citrix, POP, IMAP, telnet, etc.
  • High availability
    Double fault-tolerance through redundant architecture.

Ils nous ont fait confiance


Ag2r, AvBank, Axa Banque, Azur Assurance, Banque de France, Banque Populaire, BFT, BNP, Caisse d’Epargne, Crédit Agricole, Crédit Coopératif, Crédit Mutuel, GMF, HSBC, ING Direct, La Banque Postale, Macif, MMA, Société Générale, Sofinco,...