Tectia Manager helps increase the data security of the environment it manages, as SSH is leveraged on the managed hosts. Naturally, the functions of the Tectia Manager itself are also implemented securely. Tectia Manager uses encrypted connections so all data is transferred and stored securely. Tectia Manager provides strong authentication to the managed hosts.
- Encrypted Management Connections
The management connections between the Management Agents and the Management Server are encrypted and authenticated with transport layer security (TLS). The server is authenticated with an X.509 certificate and the client with a pre-shared key.
The Management Agents initiate the management connections from the managed hosts to the Management Server.
- Encrypted Database
Critical data in the database is encrypted. The database is protected with secure protocols and strict access control - as is the whole Tectia Manager system. The database may be replicated, backed up, and restored using existing procedures and third-party tools.
- Encrypted Administrator Interface
Tectia Manager offers an encrypted and authenticated web-based administration interface. Administrators can use standard web browsers to access the Tectia Manager administration interface securely, with no Java or plug-ins required. The connections from the administrator's workstation to Tectia Manager are TLS-encrypted with server-side X.509 certificate authentication.
- Efficient Access Control
The administrators are authenticated to the system using passwords and optional TLS client authentication using X.509 certificates. Tectia Manager supports also directory access protocols and can authenticate the users against the data in LDAP or Active Directory. This way authentication information does not need to be maintained in several overlapping systems.
- Audit Trail on Administrator Actions
All actions made by an administrator are logged in audit trails and stored in the database for troubleshooting and accountability.
- Configurable Administrator Permissions
Tectia Manager enables maintaining granular administration privileges. Administrator permissions can be defined as different roles in admin groups, for example Superuser, Auditor, and File Transfer Operator. The roles determine which hosts each administrator is able to manage and view, and which actions (for example, configuring or auditing) they are allowed to perform.
Tectia Manager provides tools for creating dedicated administrator roles with different permissions. Only administrators with appropriate privileges can view, for example, the file transfer and MFT-related information from the database. All administrator actions are logged in audit trails, so the movements of data and access to it are secured in the Tectia Manager operations.