SSH

Chapter 1 Introduction

Tectia Manager is a versatile tool for centralized management, monitoring and auditing of Secure Shell (SSH) environments. Tectia Manager is designed for large multi-platform networks to ease the management of the SSH solution and to help ensure compliance with a broad set of data security regulations and legislation.

Tectia Manager icon

Figure 1.1. Tectia Manager icon

The purpose of Tectia Manager is to:

Manage the Secure Shell solution

Tectia Manager helps reduce administrative overhead and operating costs by making it easy to manage large Secure Shell environments.

Tectia Manager provides a central management point for detecting Tectia SSH and OpenSSH products. The administrators can group the hosts in logical views, and perform management tasks per host group.

Tectia Manager can be used to distribute Tectia Client, ConnectSecure, and Server software updates quickly and efficiently to the managed hosts. This helps in keeping the Secure Shell software up to date.

Enforce a consistent security policy based on data security regulations

Tectia Manager is ideal for enterprises who need to comply with regulations such as FISMA (the US Federal Information Security Management Act), HIPAA Title II Security Rule regulating healthcare data, PCI-DSS regulating payment card security, and SOX (Sarbanes-Oxley Act or Public Company Accounting Reform and Investor Protection Act).

Tectia Manager helps enforce a unified security policy in multi-platform environments cost-effectively. The security policy is implemented by deploying centrally managed configurations to the managed hosts.

Administrators can create new configurations, or retrieve any Tectia Client, Server or ConnectSecure configuration file from a remote host and edit the settings, plus assign and deploy the configuration to a host or host group. Tectia Manager supports also editing OpenSSH configurations, so the entire SSH environment can be managed with a single tool.

Detailed reports about the configurations are available for security audits.

Rationalize host authentication

Tectia Manager can manage the host keys of OpenSSH and Tectia Servers, and distribute the keys to managed SSH clients. Tectia Manager's automated host key distribution saves users from notifications about changed host keys, and makes sure the correct and valid host keys are used to authenticate the server hosts.

Tectia Manager generates reports on the host keys, so the administrators can monitor the key types and sizes and host key distribution status.

Help monitoring SFTP and MFT file transfers from a central point

Tectia Manager collects all Secure File Transfer (SFTP) -related logs from the managed OpenSSH and Tectia Server hosts, and Managed File Transfer (MFT) logs from Tectia MFT Events. Tectia Manager saves the data in its database, from where the details are retrieved into statistics and reports. The SFTP and MFT logs are handled separately and detailed reports are available for both.

The nearly real-time data helps troubleshooting the file transfers. The Management Agents send in data once a minute, so administrators can immediately react to failed transfers or un-authorized file access attempts.

Tectia Manager provides multiple pre-defined report views for monitoring the different aspects of secure file operations per user, client or server, or per transfered file.

Enable auditing the SSH environment

Tectia Manager collects detailed data on the hosts where SSH products are running, and saves the data securely in its database for non-repudiation reasons.

Tectia Manager generates several types of statistics and reports on the SSH environment and on events on the managed hosts. The reports provide data for auditing. The generated reports can be viewed on Tectia Manager or exported in spreadsheet or text format to an external monitoring or post-processing system.