GoIPNow Security NetWork

         Home       Thai     Eng
Your Flash Player is Old Version Please Download New Version Here


Product

Your Flash Player is Old Version Please Download New Version Here

BalaBit Shell Control Box


Oversee and control your external and in-house system administrators! Collect reliable information for forensics situations! Improve the auditability of your business processes!

Do you want to fully audit your server-administration processes? Do you have to comply to the SOX, HIPAA, or other financial regulations? Is the maintenance of your IT services outsourced to an external company? Or do you just want to know everything about the servers running your business-critical services?

Quick, radical, efficient

Define a new level of liability above server administrators with the preinstalled and Shell Control Box (SCB). SCB enforces your global regulations for every administrator in a transparent way, without having to modify the application environment. Owing to the clear and intuitive web interface even detailed tuning of the default configuration is amazingly simple and quick.    BalaBit

Reliable auditing

SCB gives you the power to transparently audit the SSH and RDP (MS Remote Desktop Protocol) channels used in server administration. All traffic (including configuration changes, executed commands, etc.) is logged and archived into audit trails. All data is stored in digitally encrypted files, preventing any modification or manipulation. In the case of any problems (server misconfiguration, database manipulation, unexpected shutdown) the circumstances of the event are readily available in the audit trails, thus the cause of the incident can be easily identified.

Like watching a movie

The recorded audit trails can be displayed like a movie - you can see exactly what the administrator did, just like you had been watching his monitor! All audit trails are indexed, enabling fast forwarding, searching the texts seen by the administrator, and more.

Full control over the SSH and RDP channels

You can precisely control all aspects of the SSH and RDP connections using SCB, specifying the boundaries of the administrators' work:

  • Disable unwanted SSH features (e.g.: TCP port forwarding, file transfer, VPN, etc.)
  • Enforce the use of the selected authentication methods (password, ssh-key, etc.)
  • Specify encryption parameters and the permitted algorithms

SCB can also verify the host keys of the server to prevent man-in-the-middle attacks.

  

Special features

Feature Description Benefit
 
Protocol compliance inspection SCB verifies that all passing SSH and RDP traffic complies to the specifications of the protocol. Protection from security risks resulting from erroneous applications and protocol-level attacks.
Service control Enable or disable SSH channels and services. System administrators have access only to the SSH services requires for their work. This reduces the risk of accidental or intentional damages without affecting the work performance.
Enforce authentication methods Servers protected by SCB can be accessed only using the authentication methods enabled by the company. System administrators are not able to reduce the authentication level out of convenience or other reasons.
SSH key verification SCB automatically verifies the keys used in the SSH channels. Prevents the so-called "man-in-the-middle" attacks.
Audit trails The complete SSH traffic is recorded into compressed, timestamped, encrypted files. Enables the auditing of server-administration processes and the evaluation of the system administrators' work.
Movie-like replay Realtime replay of the selected terminal session. Auditors can review the actions of the system administrator from the administrator's perspective, finding errors more easily.
New management layer Define and auditor level above the system administrators. The auditor, as the chief system administrator can physically limit and control the administrator's privileges.
Global rules The auditor can create global, physically enforced rules that applying to every system administrator. The security policy related to server administration can be implemented and controlled from a single location, and can be effortlessly modified if needed.
Transparency SCB deployed to the proper location of the network can immediately perform its task, without having to modify other network devices or applications. SCB provides a solution for long-standing security and auditing problems in a fast, cost-effective, single step.
Web based user interface Clean, easy-to-use web based graphical interface available from most modern browsers. Completely platform-independent solution, low maintenance cost and TCO.
SUN server technology Shell Control Box is based on SUN Fire x2100 and x2200 servers. SUN's servers guarantee the required performance and high availability.