See the unseen. CryptoAuditor SSH.COM. Control and audit encrypted 3rd party sessions. What is CryptoAuditor?


SSH.COM CryptoAuditor
What is CryptoAuditor? SSH.COM CryptoAuditor is a centrally managed virtual appliance for monitoring, controlling and auditing encrypted privileged access and data transfers. Control and audit encrypted 3rd party sessions. See the unseen.

Cloud and on-premise access for internals and vendors
57% of organizations have more than 100 3rd party vendors with access to their systems. Do you know how many Nth parties can access your data?

Solve the problem of 3rd party access.

CUT THE COST AND RISK OF VENDOR ACCESS
No hardware, no CAPEX. Cut OPEX with process-driven, unified, centralized management of internal and 3rd party privileged access to your digital core. Pay-as-you-use, either direct with SSH.COM or via AWS Marketplace for EC2 deployments.

SIMPLE, TRANSPARENT AND NON-INVASIVE
CryptoAuditor is your trusted audit point. Scalable deployment as virtual appliances at key locations in your environment. No changes to network architecture, no new agents, no user training and no disruption for end users.

INTEGRATE WITH YOUR SIEM, DLP, UEBA, IPS/IDS...
CryptoAuditor integrates with your event, analytics and perimeter security, and with your existing multifactor authentication solution. You get an audit trail of encrypted traffic that runs through SSH, SFTP, RDP and HTTPS, with indexed logging and session video playback.

Your virtual audit point for 3rd party access.
SSH.COM CryptoAuditor is a centrally managed virtual appliance for monitoring, controlling and auditing encrypted privileged access and data transfers. It's designed for deployment in front of server farms, databases and network entry points to solve the problem of poorly monitored privileged access, particularly remote vendor access. It terminates and re-opens privileged user sessions, and inspects and records sessions in real time before re-encrypting and pushing the session forward. Sessions are indexed and stored in an encrypted database for reporting, replay and forensic investigation. It's easy to run from the centralized console, and easy to deploy, with no hardware, no agents, no new clients, no user training, and no changes to workflows. It can be deployed in fully transparent mode with no changes to end-user access and login procedures. SSH.COM CryptoAuditor is cloud-ready, integrates with all major DLP, AV, IDS and SIEM systems, and is used by four of the world's five largest banks.

Hardened sessions for the trusted vendors of Fortune 500 companies.
Monitor insider and 3rd party access to your digital core
Control remote access by vendors, consultants, home workers, and M2M and IoT connections
Define privileged access and activities based on user identity
Collect forensic evidence for investigations with every keystroke and every pixel
Protect critical data and minimize credentials abuse by enabling two-factor authentication
Address individual accountability even for shared accounts with AD/LDAP infrastructure
View encrypted SSH, SFTP and Remote Desktop traffic at your boundary
Prevent data theft with Data Loss Prevention (DLP) and analytics
Record, store and index session audit trails for searches, replay and reporting, with support for 4-eyes review
Integrate with existing firewalls, detect attacks earlier and resolve issues in real time

Hardened sessions: Compliant session monitoring and auditing, contextual session control, support for four-eyes authorization and session video playback.
Cloud and on-premise: Rapid, scalable deployment. No changes to network architecture, no new agents, no disruption and no user training.
Cost-effective: No hardware, no CAPEX. Cut OPEX with process-driven, unified, centralized management of 3rd party and privileged access.

Remote control. Rewind. Relax.
SSH.COM CryptoAuditor is an intelligent proxy designed for deployment in front of server farms, databases and network entry points.
Multiple deployment modes: Bastion (non-transparent), Router (Layer 3) and Bridge (Layer 2 with VLAN support).
Distributed architecture with multiple Hound audit-points and shared Vault storage.
High-availability Hound clustering with configurable failure tolerance.
Straightforward auditing of privileged activity, including session replay and video sessions.
Monitor and record SSH, SFTP, RDP, SSL.
Block SSH tunneling to mitigate the threat from user-created backdoors.
Searchable database for quick and easy access to recorded session information.
Real-time 4-eyes authorization for critical access scenarios.
Identity-based policy control with integration to directory services to control privileged access and activities.
Manage users and credentials via HTTP REST-based API.
Certified compatibility with McAfee, RSA, IBM and VCE vblock.
Integrations with SIEM, IDS, DLP, network AV etc.
FIPS 140-2 certified cryptography (certificate #1747).
Directional control of SFTP: allow upload but not download, or the reverse.
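The two session-control decisions listed above, blocking SSH tunneling and directional SFTP control, as an added illustrative model written for this page rather than CryptoAuditor's own code or policy format. It assumes the audit point already sees the decrypted SSH messages and SFTP packets (as a terminating proxy does); message layouts follow RFC 4254 and SFTP version 3, and the policy dictionary, sample packets and function names are constructed for the demo.

```python
import struct
# SSH connection-protocol message numbers and names (RFC 4254)
SSH_MSG_GLOBAL_REQUEST, SSH_MSG_CHANNEL_OPEN = 80, 90
TUNNEL_CHANNEL_TYPES = {b"direct-tcpip", b"forwarded-tcpip"}  # port-forwarding channels
TUNNEL_GLOBAL_REQUESTS = {b"tcpip-forward"}                   # remote-forward setup
# SFTP v3 packet types and open flags (draft-ietf-secsh-filexfer-02)
SSH_FXP_OPEN, SSH_FXP_READ, SSH_FXP_WRITE = 3, 5, 6
SSH_FXF_READ, SSH_FXF_WRITE = 0x01, 0x02

def ssh_string(b: bytes) -> bytes:
    """Encode an SSH 'string' (uint32 big-endian length + bytes)."""
    return struct.pack(">I", len(b)) + b

def read_string(buf: bytes, off: int):
    """Decode an SSH 'string' at offset; return (value, offset after it)."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def is_tunnel_request(msg: bytes) -> bool:
    """True if a decrypted SSH message would open or request a port-forwarding tunnel."""
    if msg and msg[0] == SSH_MSG_CHANNEL_OPEN:
        return read_string(msg, 1)[0] in TUNNEL_CHANNEL_TYPES
    if msg and msg[0] == SSH_MSG_GLOBAL_REQUEST:
        return read_string(msg, 1)[0] in TUNNEL_GLOBAL_REQUESTS
    return False

def sftp_direction(pkt: bytes):
    """Classify an SFTP packet (uint32 len, byte type, uint32 id, ...) as 'upload', 'download' or None."""
    ptype = pkt[4]
    if ptype == SSH_FXP_OPEN:
        _, off = read_string(pkt, 9)                  # skip request-id and filename
        (pflags,) = struct.unpack_from(">I", pkt, off)
        # an OPEN that asks for write access counts as an upload even if it also reads
        return "upload" if pflags & SSH_FXF_WRITE else ("download" if pflags & SSH_FXF_READ else None)
    return {SSH_FXP_WRITE: "upload", SSH_FXP_READ: "download"}.get(ptype)

def decide(policy: dict, ssh_msg: bytes = b"", sftp_pkt: bytes = b"") -> str:
    """Deny tunnel setup when 'block_tunnels', deny transfers outside 'sftp_directions'; else allow."""
    if ssh_msg and policy.get("block_tunnels") and is_tunnel_request(ssh_msg):
        return "deny"
    if sftp_pkt:
        d = sftp_direction(sftp_pkt)
        if d and d not in policy.get("sftp_directions", {"upload", "download"}):
            return "deny"
    return "allow"

def sftp_open(name: bytes, pflags: int, req_id: int = 1) -> bytes:
    """Build a constructed SSH_FXP_OPEN packet (attrs flags = 0) for the demo."""
    body = struct.pack(">BI", SSH_FXP_OPEN, req_id) + ssh_string(name) + struct.pack(">II", pflags, 0)
    return struct.pack(">I", len(body)) + body

# Constructed samples: a vendor policy that allows upload only and blocks tunnelling.
VENDOR_POLICY = {"block_tunnels": True, "sftp_directions": {"upload"}}
TUNNEL_OPEN = bytes([SSH_MSG_CHANNEL_OPEN]) + ssh_string(b"direct-tcpip") + struct.pack(">III", 0, 1 << 21, 32768)
FETCH = sftp_open(b"/srv/export/report.csv", SSH_FXF_READ)          # vendor tries to download
DROP = sftp_open(b"/srv/inbox/patch.bin", SSH_FXF_WRITE | 0x08)     # vendor uploads (CREAT flag set)
```

With VENDOR_POLICY, `decide` denies TUNNEL_OPEN and FETCH and allows DROP; a metadata-only audit level would still log the denied attempts even though the channel contents are never relayed.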

Compliance and forensics for regulated industries
Does your board need evidence that 3rd party risk is being assessed, managed, and monitored? Are you mandated by GDPR, PCI-DSS, ISO 27001, or by health or communications authorities to secure your supply chain?

Visibility into encrypted sessions missed by SIEMs
Can your SIEM, DLP or UEBA process encrypted session data? Does your IPS/IDS inspect encrypted traffic? Would you like to empower them to do their job?

FEATURES AND BENEFITS
Multiple deployment modes: Bridge, Router, Bastion
High-availability clustering for Hounds, and configurable failure-tolerance policy
Transparent network appliance
Session replay, including video sessions
Searchable database
Encrypted storage with audit zones
Monitors and records SSH, SFTP, RDP
Customizable auditing policies
Real-time 4-eyes authorization. HTTP REST API for requesting connection authorization from third-party solutions.
Identity-based policy control with integration to directory services
Distributed architecture with multiple freely distributable Hound audit-points, and shared Vault storage.
Integrates with SIEM, IDS, DLP, Network AV
Public and Private Cloud Instance: Amazon Machine Image (AMI) available in AWS Marketplace; OpenStack (on KVM hypervisor)
Fits into diverse network topologies including VLAN-based audit and policy control.
Minimal downtime in event of a single Hound node failure. If a single Hound node fails, the system can recover and continue relaying new connections.
No need to retrain users to have them use another SSH client or portal, or provide them with new SSH keys.
Straightforward audit of privileged activity. Quick and easy access to recorded session information.
Audited activity is secured from unauthorized access. Separate audit zones enable access on a need-to-know basis.
Audit high value, privileged access. Comply with security mandates. Focus on high value targets, activities.
Extra security layer for accessing critical servers. Control which users can access which servers and what activities they can perform.
Adapts easily to changes in network topologies and business processes, enabling fast deployment and low Total Cost of Ownership.
Certified compatibility with major vendors such as McAfee, RSA, IBM and VCE vblock.

Virtual Appliance
Supported platforms: VMware ESXi and MS Hyper-V. For evaluation purposes: Oracle VirtualBox and VMware Workstation (no production use support).

PERFORMANCE
Throughput: 930 Mbit/s (unaudited passthrough); 400 Mbit/s (single encrypted SFTP connection)
Simultaneous connections: 3000 SSH or 300 RDP or 300 SSL/TLS connections
New connections per second: 3 SSH or 3 RDP or 10 SSL/TLS
* Setup used in the performance test: HP DL320e Gen8 server running VMware ESXi 5.5, CryptoAuditor VM (4 CPUs, 12 GB RAM)

THIRD-PARTY APPLICATION SUPPORT
SIEM & Syslog: IBM Security QRadar SIEM, McAfee Enterprise Security Manager, Splunk Enterprise, RSA Security Analytics, HP ArcSight Logger, Rsyslog, Syslog-ng
IDS: RSA Security Analytics
DLP and Network AV: RSA Data Loss Prevention Suite, Symantec Cloud Protection Engine, McAfee Web Gateway, F-Secure Internet GateKeeper
* DLP and network AV integration support through the standard ICAP protocol

ssh, PrivX, Tectia, Universal SSH Key Manager and CryptoAuditor are registered trademarks or trademarks of SSH Communications Security Corporation and are protected by the relevant jurisdiction-specific and international copyright laws and treaties. Other names and marks are the property of their respective owners. Copyright 2018 SSH Communications Security Corporation. All rights reserved.

DEPLOYMENT AND SYSTEM ADMINISTRATION
High Availability: Active-Passive redundancy (Hound) * VMware (and hardware appliance) in production use
Operation: Transparent bridge and router modes; Non-transparent bastion mode; SOCKS proxy functionality for HTTP/HTTPS auditing
VLAN Management: Supported in bridge mode
Administration: Web-based admin UI (current version of Mozilla Firefox for optimal experience); Dedicated management interface; CLI; On-device management accounts; AD/LDAP-based management accounts; Customizable role-based administration and audit rights
HTTP REST-based API: Managing users and credentials

AUDITING, END-USER AUTHENTICATION & AUTHORIZATION
Inspected Protocols: SSH (v2), SCP, SFTP, RDP. Supported protocols can also be audited recursively in SSH tunnels.
Audit Levels: Options between Metadata only and Full channels
Monitoring and Policy Control: Rules by protocol, address, port, VLAN, or user group; Easy-to-use rule verification tool; Flexible user credential management (through HTTP REST-based API)
End-User Authentication & Authorization: On-device password or SSH public key; Passthrough password or keyboard-interactive; AD/LDAP-compliant directories; RADIUS; RSA SecurID/OTP; X.509 certificate (SSH only), with PIV/CAC smart card support; HTTP REST API for user authorization; 4-eyes authorization, with alerts via e-mail and connection accept/reject in the web-based admin UI
Shared account management: Secure password and SSH-key safe
Other: OCR-based content recognition for RDP (Latin and Cyrillic); Indexing-enabled free text content searching

SECURITY
Encryption: Key Exchange: Diffie-Hellman, RSA. Host Key: RSA, DSA. Connection: AES-CTR/CBC (128-, 192-, 256-bit), 3DES-CBC, Blowfish, RC4
Data Integrity: HMAC-SHA-1 (160-bit, 96-bit), HMAC-MD5 (128-bit, 96-bit)
Compliancy: FIPS 140-2 compliant operation through certified OpenSSL library
System Security: All communication between Hound and Vault secured by TLS; All information stored in the Vault is encrypted with 128-bit AES; No user passwords captured and stored

The information in this document is provided "as is" without any warranty, express or implied, including without any warranties of merchantability, fitness for a particular purpose and any warranty or condition of non-infringement. SSH Communications Security products are warranted according to the terms and conditions of the agreements under which they are provided. SSH Communications Security may make changes to specifications and product descriptions at any time, without notice.

SSH Communications Security, Inc. Max-Planck-Str. 4 85609 Aschheim +49 89 24414124-0 info.de@ssh.com