UKM Zero Trust
zero trust enterprise SSH key management solution
Control SSH Key risks efficiently
Universal SSH Key Manager® (UKM) is a Zero Trust Encryption Key Management solution that automates governing thousands of keys according to compliance and security standards. It mitigates risks, reduces key management overhead, and helps pass IT audits.
SSH keys are critical access credentials
Just like passwords, SSH keys grant access to critical infrastructure or data, including credit card data, medical records, tax records, email servers and firewalls and VPNs.
SSH keys typically outnumber passwords 10 to 1. Yet they are mostly unmanaged. Secure your business with a proven key management solution and migrate to efficient Zero Trust, keyless SSH access.
The proven key manager solution
Discover
Asses your risk posture, discover all SSH access (automated or interactive) across your IT infrastructure and identify all policy-violating encryption keys.
Manage
Implement systematic monitoring and control of your SSH Key environment to remove keys that are uncompliant, unmanaged or bypassing your controls.
Automate
Automate the full lifecycle of vast numbers of cryptographic keys to simplify the effort of staying compliant and ensuring all your sessions are audited, logged and tracked.
Zero Trust
Radically reduce the overhead of managing permanent SSH Keys to manage, and move to keyless, just-in-time Zero Trust access with short-lived certificates.
Compare the different UKM editions
Choose the best fitting UKM edition to manage your SSH keys.
Capability | Analyze | Comply & Automate | Zero Trust |
---|---|---|---|
User Interface authentication with Windows AD, LDAP, SAMLv2 |
●
|
●
|
●
|
High availability |
●
|
●
|
●
|
User account inventory |
●
|
●
|
●
|
SSH Key inventory |
●
|
●
|
●
|
Trust relationship mapping |
●
|
●
|
●
|
SSH key usage |
●
|
●
|
●
|
SSH access discovery (password/key/certificate) |
●
|
●
|
●
|
Compliance validation: NIST, HIPAA,PCI-DSS, etc. |
●
|
●
|
●
|
Compliance reporting |
●
|
●
|
●
|
User key management: removal, rotation, provisioning, hardening | - |
●
|
●
|
Elimination of self-provisioning SSH keys | - |
●
|
●
|
Application-based visibility and control of user keys | - |
●
|
●
|
Capability | Analyze | Comply & Automate | Zero Trust |
Hostkey rotation and distribution | - |
●
|
●
|
SSH client/server configuration management | - |
●
|
●
|
Rest APIs | - |
●
|
●
|
GUI automation flows | - |
●
|
●
|
SSH access with Keyless, Certificate-based JIT authentication | - | - |
●
|
SSH access with AD, OpenIDC, or LDAP authentication | - | - |
●
|
SSH access with Multi-Factor Authentication (MFA) | - | - |
●
|
Virus scanning and file validation on file transfers | - | - |
●
|
Centralized SSH connection control | - | - |
●
|
SSH session recording | - | - |
●
|
SSH auditing with SIEM integration | - | - |
●
|
SSH sub-protocol control, e.g. allow/deny SFTP/x11-forwarding | - | - |
●
|
Reduce Key complexity and risks
1. Eliminate SSH risks and attack vectors
Mismanaged SSH Keys are highly sought after by malicious agents, may end up in the hands of 3rd parties, and are used without proper oversight by Dev teams. Remove security backdoors caused by ungoverned use of encryption keys that might look legitimate to your existing security controls.
Learn more about bypassing privileged access management with SSH keys>>>
2. Centralize & automate SSH key lifecycle management
By default, SSH keys are used decentralized across multiple targets and without proper key ownership. Manage and discover hard-to-find keys, key configurations and SSH login files under a single pane of glass.
Automate key provisioning, rotation and remediation and integrate key authorization processes with ticketing systems for delegation of credentials ownership.
.
3. Secure and track your encrypted M2M connections
Ensure that your automated Secure Shell M2M connections meet your security policies and use the most secure and compliant encryption standards and protocol versions - along with interactive connections.
UKM Zero Trust gets vast numbers of SSH-enabled M2M connections under management, automates routines with no disruption to processes, and tracks and audits all sessions.
4. Enforce security policies and pass IT audits
Get warnings of keys that violate your policies, contravene with regulations or are used ungoverned. Upgrade, rotate and delete outdated encryption keys with confidence and with full rollback options. Ensure that compliant access control policies are enforced organization-wide with all SSH key use.
Learn how SSH keys can make you fail an audit.
5. Reduce complexity with automation & keyless access
Minimize complexity and management overhead by maximizing key lifecycle automation and radically reducing the number of SSH keys in your environment.
UKM Zero Trust grants only just enough access (JEA), just-in-time (JIT), and with the least privilege needed to get the job done - without leaving any SSH Keys behind to manage.
6. Choose zero touch SSH access governance
Manage SSH encryption keys in their native locations without complicated vaulting onboarding processes. Enjoy non-intrusive deployment without changes to the Secure Shell configuration files, your existing key architecture, or application code.
Customers love UKM Zero Trust!
We invented SSH Keys, we are the authority on SSH Key management and, thanks to our customers, we have the Net Promoter Score (NPS) score of 71 for UKM Zero Trust Key management solution to prove it.
SSH.COM is the perfect partner for us and we work very well together. The progress we have made over the past 4 years has been amazing.
Global top 10 bank IT architect
We have a very good working relationship with SSH.COM. When we have a new issue, they are able to do that quickly. When we need something, they listen.
UKM customer
UKM is very stable. It’s easy to use once you understand the concept.
UKM enterprise user