You have the questions. We have the answers.

Please review our Frequently Asked Questions for some relevant replies. Of course, feel free to get in touch with us at any time for any queries.

What is InstaSafe Secure Access?

InstaSafe Secure Access is a comprehensive security solution based on Software Defined Perimeter principles, delivered in a SaaS model, that lets non-security experts affordably create a secure, distributed network for Public Clouds, Private Clouds and On-premise data centers. It provides user and device authentication, user and device binding, secured networking, access control and auditing, as well as real-time monitoring capabilities.

I have forgotten my password to login into InstaSafe Client. Can I reset my password?

Yes. Open your web browser and go to and click on Forgot Password link or go directly to this link to reset your password. If you are unable to reset your password through this link, then contact your company’s IT team.

How does InstaSafe Secure Access work?

InstaSafe Secure Access requires works by having a client agent on the user’s device that helps to connect the user to the controller, where the user is authenticated and the device is verified; and also have an agent running in the data center to connect to the Controller and tunnel all user traffic to the data center applications. The InstaSafe Secure Access cloud based Controller performs the following functions:  
  1. Authenticate users
  2. Authenticate devices
  3. Bind users and their devices
  4. Enforce application access rules to users / user groups
  5. Verify endpoint hosts are running required software (such as AV etc.)
  6. Provide secure encrypted tunnel from end user device to the data center
  7. Data centers are connected to the Controller via our Gateway module installed in each data center. The Gateway creates a secure encrypted tunnel from the DC to the Controller and tunnels all user traffic to the applications.

What are the main benefits of using InstaSafe Secure Access?

InstaSafe Secure Access helps you protect your applications against many network based attacks by allowing you to hide the applications, while at the same time allow access to the applications to only authorized users accessing with registered / authorized devices. The primary security benefits of using InstaSafe Secure Access are: Block many network based attacks such as:    
  1. MITM - Man in the middle attack
  2. Server scanning - by limiting access at Layer 4, attackers cannot scan the entire system for vulnerabilities to exploit.
  3. DoS - Denial of Service attacks are blocked as no DNS and IP information is published

What’s the bandwidth overhead?

InstaSafe Secure Access does not require any additional bandwidth to operate beyond the needs of the applications being accessed by the users. InstaSafe Secure Access utilizes bandwidth only for querying the endpoint during initial authentication and authorization which utilizes very less bandwidth. The bandwidth requirement depends primarily on the applications being accessed by the users. If customers enable export of logs from the Controller to their data center, then additional bandwidth of 256 to 512 Kbps would be sufficient to push the logs from the Controller to the log storage in the data center.

What is the basic architecture of InstaSafe Secure Access?

  1. Endpoint provides devices fingerprint (certificate & device ID) and creates mTLS tunnel with AES-256 bit encryption
  2. Device verified and authenticated. Initiate user authentication
  3. User authentication using password + OTP / Token
  4. User requests access to Application-X
  5. Based on device and user authorization, access is allowed
  1. (A) Gateway device authentication (certificate, device ID) and creates mTLS tunnel with AES 256 bit encryption
  2. (B) Gateway authenticated and available with specific subnets
  3. (C) Controller routes application traffic between user and the Gateway. Gateway routes the traffic between the Gateway and the application.

Does InstaSafe Secure Access introduce any latency?

Secure Access interconnects the users to the applications securely over any type of network. Primarily, the network bandwidth or latency plays a large role in the user experience. Secure Access components such as the Client agent, Gateway and the Controller introduce latency in the range of a few milliseconds which does not impact user experience.

Does InstaSafe Secure Access integrate with Active Directory or LDAP or RADIUS server?

Yes. Secure Access can be integrated with AD / LDAP / RADIUS servers. Integration with AD / LDAP allows you to directly import all or specific users from the directory and onboard them into InstaSafe Secure Access with a single click.

Does InstaSafe Secure Access provide any hardware to be installed in my network?

No. InstaSafe Secure Access is a software only solution and does not deploy any hardware. The Gateway module that is installed in the customer network requires any generic hardware running a compatible OS such as Linux, Windows or Mac OSX.

Does InstaSafe Secure Access support 2FA?

Yes. InstaSafe Secure Access has built-in support for 2FA using either SMS / Email / Google OTP. We also support other third party token based products such as RSA SecurID, Vasco etc. using RADIUS protocol.

Does InstaSafe Secure Access work without an agent?

No. InstaSafe Secure Access uses the Client agent to perform a lot of security functionality that makes our solution unique and more secure than the others and hence requires the use of the Client agent on every end-user device.

Does InstaSafe Secure Access support any and all applications?

Yes. InstaSafe Secure Access tunnels any and all types of TCP/IP or UDP/IP based application traffic.

How do I know how many Gateways I need in my setup?

Refer to the architecture diagram FAQ question and note that one Gateway is typically installed per data center (or cloud) and additionally a backup gateway is installed for redundancy. However, depending on specific requirements of your network, there may be more than 2 Gateways required to be installed per data center or cloud setup.

How does InstaSafe Secure Access ensure availability of the service?

InstaSafe Secure Access Controller is the primary component of the entire solution and is hosted in reputed Public Clouds such as AWS, Azure, IBM Cloud and others. We utilize the Public Cloud well established functionality for very high level of redundancy to ensure continuous availability of our services to all our clients. At the customer level, we recommend installation of backup gateways to provide high level of availability of the data center itself. It would also be recommended that the customer have redundant internet connections from different providers to ensure continuous availability of the services.

Can I connect multiple clouds using the InstaSafe Secure Access solution?

Yes, InstaSafe Secure Access solution was designed to be cloud-independent. Using the Secure Access Gateways you can connect your deployments on different clouds or hybrid environments.

Does InstaSafe save any of my data that is passing through it?

No. All data from the endpoint Client to the Gateway is tunnelled through the AES 256 bit encrypted tunnel. The tunnel is not terminated on the wire in our cloud and hence no data is decrypted nor stored in our cloud. We only store activity, access and other related logs for a specified period of time. Such logs are accessible only by authorized personnel of InstaSafe based on their role.

Start your free trial and discover why Instasafe is loved by customers.

A free trial of our InstaSafe software gives you access to on demand virtual private networks with no upfront investment or hardware

Get your free trial
Powered by Think201