BalaBit announced Shell Control Box (SCB) 4 F1, an enterprise-level activity monitoring appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions. It integrates seamlessly into the enterprise’s existing infrastructures and is completely independent from clients and servers.
New features include:
Reports for PCI DSS compliance
Increasingly, the privileged user monitoring market is driven by various compliance and regulatory requirements. For organizations that must comply with PCI DSS, the new version of SCB is able to generate reports that support the PCI DSS audit for organizations. SCB enhances and complements organizations’ compliance reports by providing status information that is available through SCB’s user interface.
Web-based audit player
BalaBit’s movie-like video player is now available through an embedded web-based interface. The audit player is able to replay recorded user sessions, and has an adjustable playback speed. It further includes intuitive event tracking, as well as quick screenshot generation which can be well used in audit and forensics situations.
TN5250 protocol support
The new version makes it possible for security managers to control and monitor remote access to IBM mainframes and other legacy UNIX systems. SCB allows organizations to monitor and audit remote administrative access to legacy IT systems via protocols such as TN3270 or TN5250.
Integrating ticketing systems for RDP connections
Additional authorization has been added which requests ticket IDs from administrators to verify whether they have valid reason to access to servers or not. Should an administrator require access to a remote server, SCB would first require gateway authentication as well as a ticket ID for validation. Should the ticket ID be accepted the administrator would be allowed to continue, however if it is rejected the connection would be blocked.
SCB can support Virtual LAN environments and is able to organize users to any number of VLAN segments. Instead of relocating, reconfiguring and reconnecting clients and servers on the entire network, it is now possible to use SCB’s existing network interfaces and configure the VLANs to that existing physical network interface which allows for extreme flexibility in networking.