Your browser does not allow storing cookies. We recommend enabling them.


Secure Application Connectivity

The Tectia client/server solution can be used to replace unsecured TCP-based terminal connections (for example, Telnet) to business-critical enterprise applications. Through strong encryption and data integrity, the Tectia client/server solution protects sensitive data and passwords against unauthorized access, facilitating compliance with regulations and best practices. Strong authentication of users is supported through broad integration with third-party authentication systems, including RSA SecurID and public-key infrastructure (PKI).

The Tectia client/server solution offers the following ways of securing data communications between standard TCP-based applications:

  • Tunneling, or port forwarding, is a way to forward otherwise unsecured application traffic through Secure Shell. Tunneling can provide secure application connectivity, for example, to POP3, SMTP, and HTTP-based applications.

    Tunneling provides encryption and strong two-factor authentication to third-party network client applications. Tectia allows different forms of tunnels depending on the environment and type of usage of the workstations or user terminals.

    The Secure Shell v2 connection protocol provides channels that can be used for a wide range of purposes. All of these channels are multiplexed into a single encrypted tunnel and can be used for tunneling (forwarding) arbitrary TCP/IP ports and X11 connections.

  • The sshg3 command-line tools can be used interactively or in scripts.

Secure connectivity over Internet

Tunneling makes it possible to access e-mail from any type of Internet service irrespective of the access method (modem, GPRS, 3G, a DSL line, a cable connection, or a hotel Internet service). As long as the users have a TCP/IP connection to the Internet, they can get their e-mail and access other resources from anywhere in the world securely.

Non-transparent tunnels

Tectia Client supports non-transparent application tunneling, which means that the tunneled applications need to be defined on the basis of the TCP ports they use. Applications with dynamic ports are not supported.

Transparent tunnels

With the transparent TCP tunneling feature activated on the client-side (on Tectia ConnectSecure), TCP-based applications can be tunneled transparently without changing the end-user experience or requiring any modifications on the applications, thus reducing the total cost of ownership.

Static tunnels

Tectia Client can also be used for application protection using the static tunneling feature. As opposed to transparent TCP tunneling, static tunnels are configured so that an application connects to a local port running Tectia Client, and the Client tunnels the application to a specified remote host.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now