JVL | Edition de logiciels | Consulting

Edition de logiciels | Consulting

1

Articles


Identity and Access Management for Secure Shell Infrastructure

As the inventors of the Secure Shell protocol, SSH Communications Security is focused on helping IT organizations secure the path to their information assets. Our Universal SSH Key Manager is a multiplatform, scalable solution that brings compliance and control to Secure Shell environments. Universal SSH Key Manager reduces risk of unauthorized access from both internal and external actors, solves thorny compliance issues and reduces costs.

The Challenge
Traditional approaches to managing SSH user keys are time consuming and expensive, and there is little if any automation or auditability. Because so many business critical functions - many of them automated - rely on SSH, it is very difficult to bring SSH Key management under control without disrupting those functions. The problem is highlighted when there is need to revoke access when there are organizational changes, employee departures, mergers and acquisitions.
Enterprises generate significant overhead in the day to day activity of SSH user key setups, have increased risk from the lack of key renewals and removals, and face pressure from compliance initiatives.
A non-disruptive solution is needed to eliminate inefficient and error prone manual processes, dramatically reduce risk and address compliance exposures. Finally, processes and controls are needed to take care of the issues now and ensure they don’t re-emerge in the future.

The Solution
SSH Communications Security’s Universal SSH Key Manager (UKM) is an enterprise grade SSH user key management solution. UKM takes a non-disruptive approach that enables enterprises to gain and retain control of the SSH infrastructure without interfering with production systems. No need to rip and replace how users get their work done or change the hundreds of automated processes that are the lifeblood of ongoing business. UKM’s non-disruptive approach is based on three principles:

Discover: Discover all SSH keys, map trust relationships and identify policy violations.
Remediate: Remove keys that should be revoked and bring valid keys under correct policy compliance.
Manage: Eliminate manual processes, centralize control, enforce compliance, audit all activity

UKM on average saves a typical Fortune 1000 organization $1 to $3 million per year in overhead costs while reducing the risk of serious security breach and resolving open compliance issues. Whether your environment uses OpenSSH or Tectia, UKM brings this complex problem under control.

Features

  • Agentless discovery
  • Multiple, redundant management instances
  • Multiplatform support – Unix, Linux, Windows, IBM z/OS
  • RESTful API
  • Automated key creation, update, removal
  • Central management and enforcement of SSH client and server configurations
  • Real time alerts
  • Audit trail
  • Compliance support

Benefits

  • High scale, high availability
  • Deployable in vast majority of enterprises
  • Link to existing IAM infrastructure
  • Lower costs, fewer errors, faster turnaround
  • Policy control, stronger security, fewer errors
  • Fix violations in real time
  • Easier compliance reporting
  • Enables compliance to current requirements and planned updates to PCI, NIST/FISMA, SOX, HIPAA, Basel II mandates

Tectia UKM