Difference between revisions of "Control Boxes"
| Line 1: | Line 1: | ||
[[Category:Control Systems]]{{Knoppen}} | [[Category:Control Systems]]{{Knoppen}} | ||
[[File:Control boxes.gif|thumb|right|Control Boxes]] | [[File:Control boxes.gif|thumb|right|Control Boxes]] | ||
'''Control Box''' is a device for controlling and monitoring administrative protocols used for remote access or management in computer technology. Control boxes inspects remote access protocols such as SSH, RDP, Telnet, or Vnc protocols. It can act as a transparent device, as a Router or a Network switch an also in different non-transparent ways . | |||
==Functions== | ==Functions== | ||
Control box controls only administrative protocols with the embedded application layer gateway technology. | Control box controls only administrative protocols with the embedded application layer gateway technology. | ||
===Access control at the connection layer=== | ===Access control at the connection layer=== | ||
Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs by classical blacklisting or whitelisting. | Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs by classical blacklisting or whitelisting. | ||
===Advanced authentication and authorization=== | ===Advanced authentication and authorization=== | ||
Control box supports gateway authentication, which is a two factor authentication served by SCB: users initiate connections and they also have to login to control box and enable their own connections.Control box also supports four eyes principle, when users who log in must differ from enabler user. It ensures the user cannot log in without permission. | Control box supports gateway authentication, which is a two factor authentication served by SCB: users initiate connections and they also have to login to control box and enable their own connections.Control box also supports four eyes principle, when users who log in must differ from enabler user. It ensures the user cannot log in without permission. | ||
===Channel Control=== | ===Channel Control=== | ||
RDP and SSH protocols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as shell is in session shell channel or drawing is the channel of desktop forward in RDP. Control box implements an advanced control on channels enabled to use. It is useful for disabling port forwards, copy and paste and such other functions. | RDP and SSH protocols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as shell is in session shell channel or drawing is the channel of desktop forward in RDP. Control box implements an advanced control on channels enabled to use. It is useful for disabling port forwards, copy and paste and such other functions. | ||
===Audit and forensics tool=== | ===Audit and forensics tool=== | ||
Inspected protocol content can be stored in a record, called audit trail, and could be replayed by the audit player tool. Audit trail can be used as a digital evidence. As the whole connection can be replayed it rises some privacy problems in different countries. | Inspected protocol content can be stored in a record, called audit trail, and could be replayed by the audit player tool. Audit trail can be used as a digital evidence. As the whole connection can be replayed it rises some privacy problems in different countries. | ||
Latest revision as of 04:58, 7 December 2012
Control Box is a device for controlling and monitoring administrative protocols used for remote access or management in computer technology. Control boxes inspects remote access protocols such as SSH, RDP, Telnet, or Vnc protocols. It can act as a transparent device, as a Router or a Network switch an also in different non-transparent ways .
Functions
Control box controls only administrative protocols with the embedded application layer gateway technology.
Access control at the connection layer
Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs by classical blacklisting or whitelisting.
Advanced authentication and authorization
Control box supports gateway authentication, which is a two factor authentication served by SCB: users initiate connections and they also have to login to control box and enable their own connections.Control box also supports four eyes principle, when users who log in must differ from enabler user. It ensures the user cannot log in without permission.
Channel Control
RDP and SSH protocols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as shell is in session shell channel or drawing is the channel of desktop forward in RDP. Control box implements an advanced control on channels enabled to use. It is useful for disabling port forwards, copy and paste and such other functions.
Audit and forensics tool
Inspected protocol content can be stored in a record, called audit trail, and could be replayed by the audit player tool. Audit trail can be used as a digital evidence. As the whole connection can be replayed it rises some privacy problems in different countries.