Your browser does not allow storing cookies. We recommend enabling them.


Auditable Security of the SSH Environment

The security of remote connections and file transfers depends on having up-to-date SSH software running on the hosts. Tectia Manager automatically collects extensive information on the managed hosts, their operating systems, installed SSH software and the performed SSH operations.

Example of a standard report listing the SSH products detected on the managed hosts

Figure 2.6. Example of a standard report listing the SSH products detected on the managed hosts

The data is collected from the host system logs by the Management Agent which forwards the logged data from the hosts to Management Server through the encrypted management connection once a minute. In case the management connection is temporarily off, the Management Agent stores the data until the connection is on again.

The reliability of the collected data depends on the security of the Tectia Manager operations. Tectia Manager logs its own operations and the management connections between the Management Agents and the Management Server are encrypted and TLS-authenticated to protect the moving data. The logs stored in the Tectia Manager database can be exported to postprocessing in text or spreadsheet format.

Tectia Manager collects logs on the following types on data:

  • All events of the Management Server. The events are stored in the system log of the host where the server is running.

  • All Tectia Manager administrator actions are logged for a complete audit trail. The logs are stored in the Tectia Manager database in encrypted format.

  • On each managed host, the Management Agent gathers detailed data about the host, for example the operating system version, host keys and whether the host has SSH software installed (including the versions and configuration).

  • The Management Server stores the collected data in the database, and generates predefinied and customized reports which can be viewed online, or exported in CSV and TXT formats for post-processing by an external system.

  • Only Tectia Manager administrators with appropriate privileges can view the statistics and reports generated of the collected data.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now