Windows SSH Client for Centralized Access Control
Administrators using PuTTY with centralized policy and enforcement
Are you in control of your SSH, or is it in control of you?
Since the end of the “PKI Wars” in the early 2000s, many question the security of Windows desktops environments. This is because it can be difficult to verify whether they’ve been fully locked down.
For Linux/UNIX administrators the tool of choice to log in to systems for remote session administration is PuTTY, a free command line tool, or SuperPuTTY, a Windows edition with scalable windows.
BoKS® ServerControl reaches out to the critical administrators and enforces which credential is used for login depending on location, time of day, and which initial system it may be connected to.
How We Help You Gain Control
Enforce Access Policies
Enforce BoKS access policies within the administrator’s SuperPuTTY desktop application
Require PKI Certificate Logins
Support and require PKI certificate login
Support Smart Card/USB Token Logins
Support logins via PKI-based corporate smart cards or PKI USB tokens
Incorporate Biometric Unlocking
Support biometric fingerprint challenge unlocking corporate ID certificate login
Require SSH Key Logins
Support and require SSH user key logins
Require Kerberos Logins
Support and require automatic Kerberos logins (usually associated with the user logging into Microsoft Active Directory, or MIT Kerberos directories first)
Import SSH Keys Automatically
Automatically import host SSH keys as needed from the BoKS database on a session-by-session basis, eliminating the need for mass SSH host key distribution to all administrator’s desktops
What This Means to You
Meet Compliance Requirements
Meet access/authorization regulations as described in SOX, HIPAA, GLBA, PCI DSS, FDCC, and FISMA where multi-factor authentication and/or biometric authentication is mandatory.
Reduce Admin Overhead
Remove manual distribution of SSH host keys to insecure desktops or laptops.
Enforcing policies makes it impossible for an administrator to manually add a host key, and prevents logins to that secure host, boosting security and preventing intrusion.