SSH

Components of the Information Assurance Platform

This section provides brief descriptions of the core products that form the foundations of the SSH Information Assurance Platform.

Deployment Products

Tectia Client and Tectia Server

Enterprise-class solution for securing system administration, file transfer and application connectivity in heterogeneous enterprise networks.

  • Transparent TCP Tunneling on Windows.

  • Strong FIPS 140-2 certified encryption.

  • Full X.509 PKI support, RSA SecurID, Kerberos, and Windows Domain authentication.

Tectia SSH for Mainframes

Enterprise security solution to fully integrate SSH and SFTP to the IBM z/OS (Tectia Server for IBM z/OS) and System z platform (Tectia Server for Linux on IBM System z) for secure mainframe access

  • Transparent FTP-SFTP Conversion.

  • Acceleration support for all FIPS 140-2 certified IBM cryptographic hardware.

  • Direct access of MVS datasets.

  • Utilize existing RACF/ACF2/TSS key rings and ICSF keys, as well as SAF and certificate validation.

Tectia ConnectSecure

Tectia ConnectSecure consists of Tectia FTP-SFTP Converter and Tectia PCI Point to Point Encryption components.

It enables organizations to quickly and cost effectively secure any FTP file transfer or application traffic without having to modify the existing infrastructure, scripts or applications.

  • Transparent FTP conversion and TCP tunneling.

  • Checkpoint/restart functionality ensures large files are transferred reliably.

  • Client-side SFTP API (application programming interface) for Java and C.

  • Utilize existing RACF/ACF2/TSS key rings and ICSF keys, as well as SAF and certificate validation.

Management Products

Universal SSH Key Manager

Enterprise solution to discover, organize and manage private and public keys relationships to end users, service accounts and application IDs in Tectia SSH, OpenSSH, and many other third-party SSH environments.

  • Automatically collect private and public user-key information within the managed environment.

  • Monitor SSH key-based logins and provide insight into which keys are being used and from where.

  • Automate private and public-key management (distribution, replacement, removal).

SSH Host Key & Configuration Manager (Tectia Manager)

Handle all configuration management, host key management, policy enforcement, monitoring, auditing and reporting in both Tectia SSH and OpenSSH environments.

  • Perform mass installations, upgrades, and uninstalls

  • Create, maintain, assign, and deploy sets of SSH software configurations

  • Manage and automate server-host authentication with automatic public-key distribution

Visibility Products

CryptoAuditor

Monitor, audit and control privileged user access across SSH and RDP protocols centrally, transparently and in real time.

  • Distributed inline solution with minimally invasive deployment: no changes on user experience or applications.

  • Central storage of audit trails in encrypted format.

  • Real-time content-based alerts with SIEM integration.

  • IDS/DLP integration for content analysis, and command and data-transfer prevention.