Request Demo

SVA Architecture Guide

Technical Brief

SVA Architecture Guide

A deep-dive into the Secure Virtual Appliance — how it works, how it scales, and how to deploy it across any environment.

Overview

What is a Secure Virtual Appliance?

The Secure Virtual Appliance (SVA) is the deployment unit of Total Access Control. It is a purpose-built virtual machine that acts as a reverse proxy — sitting between your users and your applications, intercepting every access request, and enforcing policy before any traffic reaches its destination.

Each SVA is single-tenant and fully dedicated to your organisation. There is no shared infrastructure, no multi-tenant data co-mingling, and no dependency on a third-party cloud. The SVA runs wherever you need it — on-premises, in a private cloud, in AWS, Azure, GCP, or any hybrid combination.

A single SVA can be operational in hours. Multiple SVAs form a load-balanced array. Arrays across global locations form a global deployment — all managed from one console.

SVA Core Properties

Architecture
Reverse Proxy
Tenancy
Single-Tenant
Inbound Ports
One (TLS 1.3)
Deploy Time
Hours, not months
Endpoint Agents
Not Required
Console
Single Unified

How It Works

The Access Request Flow

Every access request passes through the same enforcement pipeline before any connection to a protected resource is established.

1
User Request
User attempts to access a protected application from any device or location

2
Single Encrypted Port
All traffic arrives on one port via TLS 1.3. All other inbound access ports are closed

3
Identity Evaluation
TAC evaluates the user against all connected identity sources simultaneously

4
MFA Challenge
Multi-factor authentication enforced based on policy — FIDO2, push, OTP, or other

5
Device Posture
Device compliance validated in real time — OS, patches, AV, encryption, domain join

6
Policy Enforcement
Unified policy engine evaluates all signals and makes an allow or deny decision

7
Audit Logging
Every access event is logged with full attribution regardless of outcome

8
Proxied Connection
Approved requests are proxied to the application — never directly exposed

Scaling

From Single SVA to Global Array

TAC scales linearly as your organisation grows — without architectural changes or additional licensing complexity.

1
Single SVA

Department deployments, branch offices, SMB environments, and proof-of-concept deployments.

  • ✓ Operational in hours
  • ✓ Full feature set included
  • ✓ Scales to array when ready
MOST COMMON
N
SVA Array

Enterprise deployments requiring high availability, load balancing, and fault tolerance across a single region or data centre.

  • ✓ Load balanced across SVAs
  • ✓ Automatic failover
  • ✓ Single console management
Global Array

Global enterprises with users and applications across multiple regions requiring low-latency access from any location.

  • ✓ SVAs in any data centre globally
  • ✓ Geo-aware routing
  • ✓ One policy engine, all locations

Deployment

Deploy Anywhere. Control Everything.

On-Premises

Deploy within your own data centre on VMware, Hyper-V, KVM, or bare metal. Full air-gap capability for classified or OT environments.

Government, Defence, OT/ICS, Healthcare

Private Cloud

Deploy in your private cloud environment with your existing orchestration and networking. Maintains single-tenant isolation.

Enterprise, Financial Services, Legal

Public Cloud

Deploy in AWS, Azure, or GCP as a dedicated VM in your own account. Your cloud tenancy — not PortSys infrastructure.

SaaS, Technology, Education

Hybrid

Mix on-premises and cloud SVAs in one deployment. One console, one policy engine across all locations.

Enterprise, Manufacturing, Energy

Technical Specs

SVA System Requirements

Component Minimum Recommended
vCPUs 2 4+
RAM 4 GB 8 GB+
Storage 40 GB 100 GB SSD
Network 1 Gbps 10 Gbps
Hypervisor VMware vSphere, Microsoft Hyper-V, KVM, AWS EC2, Azure VM, GCP Compute
Inbound Port 443 (TLS 1.3) — one port for all traffic

Ready to Deploy TAC?

Our engineers will walk you through deployment — from single SVA to global array.

Book a Demo
Back to Resources

This website uses cookies

We use cookies to personalize content, provide social media features, and analyze our traffic. We also share information about your use of our site with our analytics partners. You can change your preferences at any time. For more information, please see our Privacy Policy and Cookie Policy. Privacy Policy Cookie Policy