The Question That Everybody Asks: What’s The Difference Between Seacat and VPN?
One of the most common questions people asked us is “Is SeaCat some kind of a VPN?”
Well it’s not. Virtual Private Network (VPN) extends a private network across a public network, providing secure connectivity from/to a mobile device. Every application on this device, thus now has access to the private network through the channel opened by VPN. This is safe up to a certain level because it is almost impossible to ensure the integrity of every application on the devices. Especially now when there are apps for everything, and users can download them from Google Play and the Apple store.
Recent research from Arxan shows that 97% of the top 100 paid apps on the Google Android platform and 87% of the top 100 paid apps for Apple iOS had been hacked. Does it seem like almost every app has been hacked? As you can see, your data are not secured using applications from bespoke sources. Data being sent to and from your mobile application are easily stolen and used in a harmful way to you and your organisations.
One common hack we often hear about comes from the form of malware. What if you have them in your mobile devices? These malware apps would then, through the VPN channel you have opened, exploit the data residing on servers of your private network. For this precise reason that Gartner’s Janessa Rivera proposes “new models of building security directly into applications; every app needs to be self-aware and self-protecting.”
On the other hand, Seacat is a Mobile Secure Gateway (MSG) providing secure connectivity directly from the mobile application to the gateway entry to the DMZ before allowing any further activity to the sensitive data centre of your organisation. Because of the required mutual authentication, only application with trustable certificates are allowed to access the private network. This is the reason MSG narrows the attack vector to the minimum and keep your data as safe as possible.
Is SeaCat still a VPN? You tell us.
Most Recent Articles
- A beginner-friendly intro to the Correlator for effective cybersecurity detection
- Inotify in ASAB Library
- From State Machine to Stateless Microservice
- Entangled ways of product development in the area of cybersecurity #3 - LogMan.io
- Entangled ways of product development in the area of cybersecurity #2 - BitSwan
You Might Be Interested in Reading These Articles
SeaCat Tutorial - Chapter 5: Using Parse.com with REST Integration (iOS)
As the market with Cloud Computing and Mobile devices is getting bigger, there is another specific option available. It's called (Mobile)Backend-As-A-Service (BAAS) and it is extremely useful in situations we want to subscribe a complex backend service (alongside the core backend solution, there is usually a lot of additional functionality and statistics) and primary focus on development of client part of mobile apps for instance.
Published on January 31, 2015
What TCP port to use with SeaCat?
SeaCat requires to specify one TCP port that is eventually used for client-gateway communication. Clients connect to this port to establish TLS channel that is used to exchange requests and related responses. SPDY-based communication protocol is used for traffic in this channel.
Published on May 23, 2014
The Outrageous Cost of HTTPS - Why?
Mobile applications use HTTP communication between the application backend and the clients. Because of the demand for higher level of security, IT people implement HTTPS by setting up certificates issued by LetsEncrypt Certification Authority in their application backend server. The shift between non secure HTTP connections to HTTPS connections leads to a significant increase of amount of data being transferred from/to the clients. How is this possible?
Published on June 14, 2016