Cloak Labs Solutions Overview

The Cloak Labs Global Virtual Bus™ securely and reliably extends your Enterprise Service Bus (ESB) from the Data Center to your global value chain.

We provide end-to-end encryption of your application data from your ESB to your partners. Our Global Virtual Bus is a cloud-based, completely encrypted queueing system, that securely stores and forwards messages to your partners.

This allows you to connect applications across enterprises without expanding your attack surface. You don’t need to open any inbound ports (on either side) or even have any public-facing IP addresses. You don’t have to issue credentials to your partners. You don’t need to install a leased line or setup a VPN.

The Cloak Labs Global Virtual Bus™

The Cloak Labs Global Virtual Bus™

Our triple-layered security process:
  1. Encrypts the message payload using AES256
  2. Creates an envelope containing the AES key plus the message metadata and encrypts that using RSA1024 using the public key of the destination Security Gateway.
  3. Signs the message with the private key of the sending Security Gateway for later authentication by the receiving Security Gateway.
  4. Transmits the envelope and payload to the Cloak Labs cloud over an SSL connection.

Security Gateways are small applications that run on-premise. All private keys are under your control and not available anywhere in the cloud.

Sending Security Gateways transmit your messages to redundant destinations in the cloud. Receiving Security Gateways then download from redundant sources as well. Once the first copy of a message has been delivered and verified the redundant downloads are cancelled. Furthermore, messages are queued at the sending Security Gateway and in the cloud. Transmission is automatically resumed when network connectivity is restored. This architecture allows Cloak Labs to guarantee message delivery in loosely coupled, less than 100% available networks. Importantly: outbound messaging is non-blocking.
Small Messages to Large Files
Cloak Labs’ architecture extends from small messages (a few KB) to gigabyte files or even larger.
No VPN or FTP server to manage
Cloak Labs’ application messaging service does not require the set-up and management of a VPN/VAN or FTP Server, reducing the person-power required to set-up and maintain these point-to-point connections.
Reduced cost of ownership
Cloak Labs reduces VPN setup and operation costs as well as costs associated with network partitioning (ex: VLANs) by avoiding any increase in your network’s attack surface.
Quickly extend your current network
Even if you already have a messaging network in place, bringing up new trading partners can be a time consuming and costly process from an implementation and licensing standpoint. With Cloak Labs, IT Managers can extend their current application network via a simple software download to physician groups, clinics, branch offices, international locations, or remote trading partners without having to reinvest in costly application integration technologies.
Guaranteed delivery of your messages
By removing all single points of failure and routing dual copies of transactions over separate paths, we avoid outages and latency issues due to congestion or downed carrier lines. Every message is delivered in seconds and follows an independent route to its recipient application worldwide, with positive acknowledgment of delivery to both parties.
Unlike traditional VPNs, VANs or Leased Lines that only allow for point-to-point communication, we provide simple access controls to allow for one-to-many messages with the same latency and guaranteed delivery.
Multiple protocol support
Our messaging platform is pre-configured to integrate with a variety of applications through Cloak Labs Security Gateways and can handle many standard protocols. Regardless of your trading partner’s messaging protocol, Cloak Labs’ Security Gateways encrypt and convert each file “on-the-fly” to the trading partner’s protocol with no intervention on your part.