Difference between revisions of "Control Boxes"

From SolidsWiki
 
Line 1: Line 1:
[[Category:Control Systems]]{{Knoppen}}  
[[Category:Control Systems]]{{Knoppen}}  
<noinclude><!------------------------------------------------
* READ THIS FIRST
* Only edit this page if you can improve the content.
* Improper use of this page will lead to permanent banning.
* Please do not edit the sponsored link on the top right corner.
* Please start editing this page after the /noinclude
* -------------------------------------------------></noinclude>
[[File:Control boxes.gif|thumb|right|Control Boxes]]
[[File:Control boxes.gif|thumb|right|Control Boxes]]
'''Control Box'''  is a device for controlling and monitoring administrative protocols used for remote access or management in computer technology. Control boxes inspects remote access protocols such as SSH, RDP, Telnet, or Vnc protocols. It can act as a transparent device, as a Router or a Network switch an also in different non-transparent ways .


'''Control Box'''  is a device for controlling and monitoring administrative protocols used for remote access or management in computer technology.Control Boxe is a Linux based device developed by Balabit IT Security and based on Zorp technology.Control box inspects remote access protocols such as SSH, RDP, Telnet, or Vnc protocols. It can act as a transparent device, as a Router or a Network switch an also in different non-transparent ways . Since 2009 SCB was re-branded by Tectia under the name SSH Tectia Guardian.


==Functions==
==Functions==
Control box controls only administrative protocols with the embedded application layer gateway technology.
Control box controls only administrative protocols with the embedded application layer gateway technology.


===Access control at the connection layer===
===Access control at the connection layer===
Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs  by classical blacklisting or whitelisting.
Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs  by classical blacklisting or whitelisting.


===Advanced authentication and authorization===
===Advanced authentication and authorization===
Control box supports gateway authentication, which is a two factor authentication served by SCB: users initiate connections and they also have to login to control box and enable their own connections.Control box also supports four eyes principle, when users who log in must differ from enabler user. It ensures the user cannot log in without permission.
Control box supports gateway authentication, which is a two factor authentication served by SCB: users initiate connections and they also have to login to control box and enable their own connections.Control box also supports four eyes principle, when users who log in must differ from enabler user. It ensures the user cannot log in without permission.


===Channel Control===
===Channel Control===
RDP and SSH protocols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as shell is in session shell channel or drawing is the channel of desktop forward in RDP. Control box implements an advanced control on channels enabled to use. It is useful for disabling port forwards, copy and paste and such other functions.
RDP and SSH protocols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as shell is in session shell channel or drawing is the channel of desktop forward in RDP. Control box implements an advanced control on channels enabled to use. It is useful for disabling port forwards, copy and paste and such other functions.


===Audit and forensics tool===
===Audit and forensics tool===
Inspected protocol content can be stored in a record, called audit trail, and could be replayed by the audit player tool. Audit trail can be used as a digital evidence. As the whole connection can be replayed  it rises some privacy problems in different countries.
Inspected protocol content can be stored in a record, called audit trail, and could be replayed by the audit player tool. Audit trail can be used as a digital evidence. As the whole connection can be replayed  it rises some privacy problems in different countries.
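Review bot: in the lead paragraph, the revision that matches the latest text drops the sentences that identified the product (the Balabit and Zorp attribution, and the note that SCB was re-branded as SSH Tectia Guardian), yet the "Advanced authentication and authorization" paragraph still says gateway authentication is "served by SCB". With those sentences gone, SCB is never introduced anywhere on the page; either keep one sentence that defines it or replace "SCB" in that paragraph with "the control box". The shortened lead also carries over "Control boxes inspects" and "an also", which could be corrected in the same edit.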

Latest revision as of 04:58, 7 December 2012

Control Boxes

A control box is a device for controlling and monitoring the administrative protocols used for remote access or management in computer technology. Control boxes inspect remote access protocols such as SSH, RDP, Telnet, and VNC. A control box can act as a transparent device, as a router or a network switch, and also in various non-transparent ways.


Functions

A control box controls only administrative protocols, using its embedded application-layer gateway technology.

Access control at the connection layer

The enforced policy covers the classical network access control mechanisms: source IP, destination IP/port, and protocol enforcement by layer 7 protocol analysis. It also controls user IDs by classical blacklisting or whitelisting.

Advanced authentication and authorization

The control box supports gateway authentication, which is a two-factor authentication served by SCB: users initiate connections, and they also have to log in to the control box and enable their own connections. The control box also supports the four-eyes principle, in which the user who logs in must differ from the user who enables the connection. This ensures that a user cannot log in without permission.

Channel Control

The RDP and SSH protocols implement channels on top of the connection layer. Each SSH and RDP function is performed in a dedicated channel: for example, the shell runs in the session shell channel, and drawing is carried in the desktop forwarding channel in RDP. The control box implements advanced control over which channels may be used. This is useful for disabling port forwarding, copy and paste, and other such functions.
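
The three checks described in the sections above (connection-layer access control, four-eyes authorization, and channel control), sketched as an added example; it is not SCB's configuration format or code. The policy fields, function names, users and addresses are hypothetical; the SSH channel types are those defined in RFC 4254, and cliprdr is RDP's clipboard virtual channel.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Policy:
    sources: list           # allowed client networks (CIDR strings)
    targets: set            # allowed (server_ip, port, protocol) tuples
    denied_users: set       # user-ID blacklist
    channels: set           # permitted (protocol, channel_type) pairs
    four_eyes: bool = True  # a second person must enable each session

def check_connection(p, src, dst, port, proto, user):
    """Connection layer: network tuple, protocol seen at layer 7, user ID."""
    addr = ipaddress.ip_address(src)
    if not any(addr in ipaddress.ip_network(n) for n in p.sources):
        return "deny: source"
    if (dst, port, proto) not in p.targets:
        return "deny: target/protocol"
    if user in p.denied_users:
        return "deny: user"
    return "allow"

def check_authorization(p, user, enabler):
    """Four-eyes: the session waits until a *different* user enables it."""
    if not p.four_eyes:
        return "allow"
    if enabler is None:
        return "pending"
    return "deny: self-approval" if enabler == user else "allow"

def check_channel(p, proto, channel):
    """Channel layer: evaluated for every channel opened inside the session."""
    return "allow" if (proto, channel) in p.channels else "deny: channel"

# Constructed sample policy: shell and desktop drawing are permitted, while
# SSH port forwarding (direct-tcpip, forwarded-tcpip) and the RDP clipboard
# (cliprdr) are denied simply by not being listed.
POLICY = Policy(
    sources=["10.20.0.0/24"],
    targets={("192.0.2.10", 22, "ssh"), ("192.0.2.20", 3389, "rdp")},
    denied_users={"root"},
    channels={("ssh", "session"), ("rdp", "drawing")},
)

if __name__ == "__main__":
    print(check_connection(POLICY, "10.20.0.7", "192.0.2.10", 22, "ssh", "alice"))
    print(check_authorization(POLICY, "alice", enabler="bob"))
    for ch in ("session", "direct-tcpip", "forwarded-tcpip"):
        print("ssh", ch, "->", check_channel(POLICY, "ssh", ch))
```

Because the channel check runs per channel rather than per connection, a session that passed the first two checks can still be refused a port forward or clipboard transfer later on.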

Audit and forensics tool

Inspected protocol content can be stored in a record, called an audit trail, which can be replayed with the audit player tool. An audit trail can be used as digital evidence. Because the whole connection can be replayed, this raises some privacy problems in different countries.