SSH One APIs and Connectors

The SSH One platform offers comprehensive APIs for integrating with identity and access management, configuration management databases, workflow and ticketing systems, security incident and event management, privilege escalation, data loss prevention and various other protocols.

Almost all information in the system can be extracted using the APIs for external reporting. It also means that there is no vendor lock-in. Most data items can also be entered into the system via the API, meaning it is possible to transfer data from other systems into SSH One.

It also supports APIs and connectors for extending the products. These could be used, for example, for intefacing with new mechanisms for scanning SSH keys on hosts and managing them.

The product also supports PKCS#11 interfaces to hardware security modules (HSMs) for secure storage of private keys.

Interface to Identity and Access Management

SSH key management is part of identity and access management. Most customers want to integrate SSH One into their workflows for identity and access provisioning and deprovisioning. SSH One provides REST APIs to help do that.

Many of our customers integrate with, for example, Oracle Identity Manager.

Interface to Configuration Management Databases

Most customers already have a lot of data in various databases describing installed systems and accounts, applications they are used for, responsible people, and various other aspects of this environment. A lot of this information is very useful for speeding up an SSH key management project. SSH One provides REST APIs for importing such infomation.

Many of our customers integrate with, e.g., BMC Atrium or ServiceNow.

Interface to SIEM

SSH One has a two-way integration with security incident and event management (SIEM) systems. On one had, SSH One reads log information from hosts and can import it from a SIEM. The log information is very helpful in, for example, determining which SSH keys are actually being used and how they are used.

On the other hand, various components of SSH One generate their own log data and alerts. These can be sent to a SIEM using the syslog protocol. Alerts can also be triggered in several other ways.

Many of our customers integrate with, for example, Splunk, QRadar, or Arcsight.

Privilege Escalation

The Universal SSH Key Manager component also needs to escalate privileges to execute certain operations with privileged access when it is run without full root privileges.

We have customers using it with, for example, Powerbroker, Dell/Quest/Vintela, Centrify, or sudo. In most cases, these are supported out-of-the box, with minimal configuration.

Data Loss Prevention and Anti-Virus

The CryptoAuditor component is often used together with data loss prevention (DLP) solutions to gain leakage protection for encrypted file transfers. The ICAP protocol is used for integration with these systems. It is supported by most DLP and anti-virus vendors.

Two-Factor Authentication

The CryptoAuditor component can also be used for adding a second factor of authentication at a firewall or boundary, without having to add agents or other software on servers behind the firewall. It can use, e.g., the RADIUS protocol to talk to the two-factor authentication server. This is supported by most two-factor authentication solutions. Various other protocols are also available.

PKCS#11 Integration

The platform also supports PKCS#11 for interfacing with smartcard readers and hardware security modules (HSM).

Many customers use SSH One with, for example, Safenet Luna and readers for PIV/CAC cards as well as various national identity cards. We also support the DoD PKI.