SSH Tectia Connector on the client side and SSH Tectia Server with Tunneling Expansion Pack allow transparent tunneling of TCP/IP-based in-house and commercial applications, without changing the end-user experience or requiring any application-specific modifications, thus reducing the total cost of ownership.
SSH Tectia Connector and Tunneling Expansion Pack for SSH Tectia Server have the following main features in addition to the general tunneling features described in Secure Shell Protocol Features.
Transparent application tunneling
SSH Tectia Connector enables transparent application tunneling without the need to modify the tunneled applications. The main barrier for wider adoption of Secure Shell tunneling is eliminated, as there is no more need to reconfigure application client's network settings with localhost addresses. When the connection is initiated by the application client, SSH Tectia Connector transparently captures the connection and establishes a secure tunnel according to the policy rules.
Fine-grained policy control
Administrators can freely define application security policies including rules to tunnel, allow plaintext, or block specific client-side application connections. The flexible configuration interface provides administrators with multiple ways of specifying the tunneled applications; applications can be identified according to destination address and/or port, application name, or location of the application client binary.
SSH Tectia Connector and SSH Tectia Server with Tunneling Expansion Pack have been designed to be centrally managed with the optional SSH Tectia Manager product. Centralized installation, policy configuration, and monitoring enable highly cost- effective deployment and maintenance of secure application connectivity in heterogeneous environments. For more information, see SSH Tectia Manager Administration Manual.
Broad application support
SSH Tectia Connector and SSH Tectia Server with Tunneling Expansion Pack can be used to tunnel any TCP-based user client/server application including both commercial application software and internal legacy applications.
Secure TN3270 connectivity
SSH Tectia Connector together with SSH Tectia Server for IBM z/OS allows transparent encryption of TN3270 application connections between Windows workstations and mainframes. Mainframe RACF passwords can be used for authenticating Secure Shell connections. For more information, see SSH Tectia Server for IBM z/OS Administration Manual.
CryptiCore® encryption and authentication
The SSH G3 architecture and the high-speed CryptiCore® algorithms (Intel platforms) help in meeting performance requirements of large-scale application access scenarios. CryptiCore enables up to 600 Mb/s application tunneling throughput in 1Gb networks.