Segura is a security platform composed of software, operating system, and hardware. This modularized platform meets the most stringent security standards in the industry and is designed as an all-in-one solution, minimizing the need for deploying multiple servers or managing fragmented tools.
In this document, we will cover the main technical aspects of Segura, with a focus on its integrated and simplified architecture.
System modules architecture
The Segura software solution is divided into the following modules:
These components support the operation of the Segura from the physical layer to the application layer:
- Business (Application) layer: where all Segura features are located, from integrations to activity recording.
- Application Server layer: where Orbini is located, MT4 developed a framework to support all solution features.
- Virtual Appliance: a virtual device where the solution is executed.
- Appliance layer: Segura hardware solution.
Unified, Agentless, and Embedded Architecture
Segura’s all-in-one platform delivers privileged access management, session monitoring, secrets management, cloud entitlements, endpoint privilege, and certificate management without deploying multiple separate servers or point solutions.
Basic System Solution Components
In addition to the modular features presented, Segura includes essential embedded software components that are fully integrated into the solution without requiring any external resources:
-
Linux-based Operating System:
Optimized and hardened across all layers (application, database, file system, etc.), Segura runs on a minimal Linux OS with only essential services active. It strictly follows the Principle of Least Privilege and uses a kernel customized specifically for the platform’s functionality. -
Embedded Database:
Segura uses its own secure, embedded database that requires no external licenses or separate deployments, ensuring data is managed internally within each appliance, VM, or SaaS instance. -
Integrated Web and Application Server:
The platform includes its own embedded web and application servers, removing the need to install or maintain any third-party web or application servers. -
Built-in Web Interface:
A secure, user-friendly HTTPS web interface is accessible immediately after network configuration. This interface consolidates all configuration and management tasks into a single unified portal, requiring no additional licenses or software.
No External Requirements
Segura’s architecture removes dependencies common to traditional security solutions, simplifying deployment and management:
- No external database required: All critical data is stored and managed internally.
- No third-party web or application servers needed: Fully embedded servers handle all platform functions.
- No additional software components necessary: The all-in-one solution includes management, reporting, and integrations out-of-the-box.
VPN-less and VDI-less Operations
Segura eliminates the need for VPN and VDI infrastructures, reducing operational complexity and security risks:
- No VPN required: Secure remote access and privileged sessions are enabled via Segura’s agentless architecture and the Domum Remote Access module, allowing VPN-less connectivity for both internal and external users.
- No VDI needed: The platform is fully accessible through any modern web browser. Native clients support advanced protocols when necessary, but VDI environments are not required.
Optional Components for Advanced Scenarios
While Segura functions as a self-sufficient platform, optional components exist to address specific architectural needs:
- Segura Network Connector: Free utility to securely link Segura with isolated networks or target systems.
- Segura Arbitrator: Prevents split-brain scenarios in clustered environments.
- Segura Load Balancer: Provides high availability and optimizes traffic distribution across cluster nodes.
- Additional software (advanced use cases): Integration with Windows Server 2008 (RDS) to enable RemoteApp, and optional backup server configuration for remote backups.
In summary, Segura’s unique embedded and unified design eliminates typical infrastructure dependencies—such as external databases, VPNs, VDIs, separate web/application servers, and third-party software—greatly simplifying deployment, management, and enhancing overall security posture. Optional components extend functionality but are not mandatory for standard operations.