UKM Zero Trust
centralized SSH key management solution
New effortless, painless, and keyless access
Secure your business with a proven Zero Trust key(less) management solution. Discover and manage all your SSH keys and account to mitigate risks. Reduce complexity with automation features. Migrate to keyless SSH access and never fail an IT audit again due to unmanaged SSH keys.
Control and mitigate SSH key risks
Universal SSH Key Manager® (UKM) is a Zero Trust SSH key management solution that automates governing of SSH keys according to compliance and security standards.
UKM mitigates risks, reduces key management complexity, and helps pass IT audits.
The proven centralized SSH key management solution
Discover
Assess your risks, discover all SSH access (automated and interactive) across your IT infrastructure, and identify all policy-violating SSH keys.
Manage
Implement systematic monitoring and control of your environment via centralized SSH key management. Remove encryption keys that are uncompliant, unmanaged, or bypassing your controls.
Automate
Automate the full lifecycle of SSH keys and simplify the effort of staying compliant. Ensure all your sessions are audited, logged, and tracked.
Zero Trust
Radically reduce the overhead of managing permanent SSH keys and move to keyless, just-in-time Zero Trust access with short-lived certificates.
Compare the different UKM editions
Choose the best fitting UKM edition to manage your SSH keys.
Capability | Analyze | Comply & Automate | Zero Trust |
---|---|---|---|
User Interface authentication with Windows AD, LDAP, SAMLv2 |
●
|
●
|
●
|
High availability |
●
|
●
|
●
|
User account inventory |
●
|
●
|
●
|
SSH Key inventory |
●
|
●
|
●
|
Trust relationship mapping |
●
|
●
|
●
|
SSH key usage |
●
|
●
|
●
|
SSH access discovery (password/key/certificate) |
●
|
●
|
●
|
Compliance validation: NIST, HIPAA,PCI-DSS, etc. |
●
|
●
|
●
|
Compliance reporting |
●
|
●
|
●
|
User key management: removal, rotation, provisioning, hardening | - |
●
|
●
|
Elimination of self-provisioning SSH keys | - |
●
|
●
|
Application-based visibility and control of user keys | - |
●
|
●
|
Capability | Analyze | Comply & Automate | Zero Trust |
Hostkey rotation and distribution | - |
●
|
●
|
SSH client/server configuration management | - |
●
|
●
|
Rest APIs | - |
●
|
●
|
GUI automation flows | - |
●
|
●
|
SSH access with Keyless, Certificate-based JIT authentication | - | - |
●
|
SSH access with AD, OpenIDC, or LDAP authentication | - | - |
●
|
SSH access with Multi-Factor Authentication (MFA) | - | - |
●
|
Virus scanning and file validation on file transfers | - | - |
●
|
Centralized SSH connection control | - | - |
●
|
SSH session recording | - | - |
●
|
SSH auditing with SIEM integration | - | - |
●
|
SSH sub-protocol control, e.g. allow/deny SFTP/x11-forwarding | - | - |
●
|
Reduce SSH key complexity and risks with UKM
1. Eliminate SSH key risks and attack vectors
SSH keys are complex and can easily go unmanaged. These unmanaged SSH keys are then highly sought after by malicious actors.
With UKM, you remove security risks caused by ungoverned keys that might look legitimate to your existing security controls.
2. Centralize & automate SSH key lifecycle management
By default, SSH key management is decentralized and complex.
With UKM, you manage and discover all authentication keys, key configurations, and SSH login files in a centralized, universal SSH key manager. You can also automate SSH key processes, like provisioning, rotation, remediation, etc.
3. Secure and track your encrypted M2M connections
Machine-to-machine connections are not managed by PAM tools. You need a centralized SSH key management tool, like UKM, to manage your M2M connections, automate routines, track machine credentials, and audit all automated sessions.
UKM also ensures that all M2M connections meet your security policies and use compliant encryption standards and protocol versions.
Learn about the best practices for securing machine credentials in our whitepaper >>>
4. Enforce security policies and pass IT audits
UKM warns you about SSH keys that violate your policies, contravene regulations, or are used ungoverned. You can upgrade, rotate, and delete outdated keys with the option to reverse any action.
With UKM, you enforce compliant access control policies throughout your entire organization.
5. Reduce complexity with Zero Trust keyless access
With UKM, you can maximize key lifecycle automation and radically reduce the number of SSH keys in your environment.
UKM Zero Trust grants only just enough access (JEA), just-in-time (JIT), and with the least privilege needed to get the job done - without leaving any SSH keys behind to manage.
6. Choose zero-touch SSH access governance
UKM Zero Trust makes it easy to manage your SSH keys. You can manage authentication keys in their native locations without complicated vaulting onboarding processes.
UKM Zero Trust comes with non-intrusive deployment without changes to the SSH configuration files, your existing key architecture, or application code.
Customers love UKM Zero Trust!
Thanks to our customers, we have the Net Promoter Score (NPS) score of 71 for our UKM Zero Trust, a centralized SSH key management solution.
SSH is the perfect partner for us and we work very well together. The progress we have made over the past 4 years has been amazing.
Global top 10 bank IT architect
We have a very good working relationship with SSH.COM. When we have a new issue, they are able to do that quickly. When we need something, they listen.
UKM customer
UKM is very stable. It’s easy to use once you understand the concept.
UKM enterprise user