SSH.COM is one of the most trusted brands in cyber security. We help enterprises and agencies solve the security challenges of digital transformation with innovative access management solutions.
Supports SSH, RDP, HTTP(S) and SFTP protocols.
Integration with directory services for role-based access control to target hosts. Microsoft AD, Azure AD via Graph API, Google G Suite, LDAP and OpenID Connect providers (e.g. AWS Cognito, Okta, Ubisecure)
Sign-in to PrivX
Single sign on (SSO) through directory services applications
Username & password for local and directory service users
Multi-factor authentication (MFA), time-based one-time password (TOTP), e.g. Google Authenticator, Duo, Authy
Authentication to target hosts through PrivX
Ephemeral certificate-based authentication to hosts for SSH and RDP connections (OpenSSH and Windows Virtual Smart Card)
PrivX removes dependency on passwords through credentialess access to target hosts. Cut the costs of password vaulting and rotation and minimize your threat surface.
Authentication based on vault-stored credentials also available for all connections including HTTP(S)
Automatically scan and add tagged cloud hosts: AWS, Google Cloud, OpenStack, Azure. Connect to VPC using PrivX Extender (reverse proxy).
Automated deployment. Compatible with Ansible and Chef automated deployment tools.
Capacity, scaling and high availability
100k users and 10k target hosts per instance. Horizontal scaling by adding nodes.
High availability through active-active cluster nodes
Load balancing with sticky-session support
PrivX management through web-based admin UI, HTTP REST API and API end-point and service status page.
Viewable and stored audit events - Audit events visible in the PrivX UI and can be stored to syslog default location.
Session recording and playback for SSH, RDP and HTTP(S) connections. SSH recordings can additionally be indexed and searched.
Audit logs and alerts can be sent to SIEMs or external log collectors including Splunk, IBM Qradar, AWS CloudWatch or Azure Event Hubs.
Communications between directory services and PrivX secured viaTLS
Information stored in the PrivX vault encrypted with AES128 or AES256 GCM
PrivX secrets can be secured using hardware security modules (HSMs)