SSH announced version 2 of Tectia Guardian, its technology solution that enables real-time session monitoring with IDS and DLP integration capabilities. The solution provides a proactive set of security controls for critical data channels to minimize the risk of security breaches.
Strict IDS requirements have in the past prevented the use of encryption in certain critical environments, but with SSH Tectia Guardian, end-to-end encryption can be utilized between any hosts, without the threat of malicious use of encrypted channels.
The solution logs and records every session, and performs a step-by-step inspection and auditing of both encrypted and unencrypted traffic. The new features include support for auditing and replaying RDP6, VNC, and T3270 protocols, as well as X11 traffic forwarded in Secure Shell connections. These new protocols add to the existing SSH, RDP5, and Telnet inspection capabilities.
The solution further adds capabilities for enforcing the four-eyes principle, enabling out-of-band authentication, authorization, and real-time monitoring of audited and encrypted connections.
Authentication options for audited traffic now include user mapping, key-bridging for x.509 certificates and public keys, as well as LDAP and RADIUS authentication. Audit reporting capabilities enable custom reports and full listings of commands executed by power users within encrypted terminal sessions.