System administration control

We take the availability and expected operation of the systems for granted until a sort of stoppage happens. Until a system operates well, we feel that is in the course of nature,  and it is familiar idea all of us. But, when the system stops by a sort of error, we live  through it like a disaster.

Of course, every system stoppage can be come through awhile, but every stoppage can cause discomfort, at worst, property damage for our company.

In this case, a software help may come in handy, in order to find out that who, when and how made a mistake, where can we fix or recover it. So, we can recover our system as soon as possible. If we reach it, the analysis is the next step:

• Who did make the mistake?
• Why did the mistake happen?
• What should we do to avoid this kind of problem in the future? 

The solution is Balabit Shell Control Box

Balabit Shell Control Box (SCB) is a tool for administration checking, monitoring and auditing servers and network appliances. We can check the encrypted connections with it, so we can control the system administration activities and processes. SCB is independent from the clients and servers, an outside appliance focusing the administrative traffic. The advantages can be reached using it are:

• There is no more misconfigured appliance, as the server administration can be controlled.
• An inside attacker cannot do anything without trace. Knowing that the impeachement cannot be avoid, this danger decrease to minimal.
• The server administration processes become auditable: it is a particular advantage, if there is any regulation you must comply with (SOX, Basel II, HIPAA etc.
• In case of outsourced IT services we can be sure about the quality of operation work we got.

Balabit SCB solution records all activities of system administrators as a film: we can look the issued orders, which systems were modified and how. In case of incident, the circumstances can be reached in the SCB audit trail files. So the cause of the incident can be described easily.

Entire control of the administrative channels

SCB is for control the SSH, RDP5, RDP6, VNC, X11 Telnet -s TN3270 channels used to reach servers and network appliences. We can determine that who, when and from where can connect to a given server (e.g. from inside only), which channels can be used for in SSH and RDP connections.

We can disable the needless channels (e.g. SSH port forward, RDP file sharing), so our systems will become more secure. By control the SSH keys, we can prevent man-in-the-middle attacks. The regulation established via SCB is obligatory and cannot be bypassed in the whole network for all system administrators. A higher responsibility level comes into being, without so much as any server- or client-side applications must be modified.

System implementation

Web interface of SCB and role-based administration make possible the compliance to the security purposes and use of full functionality of the system.

Implementation of the  system guarantees immediate results: implementation should be started with default system configuration, then pushing on with the security consciousness SCB can be customized following the projects and purposes. So every functionality of it can serve the company security easily, step-by-step.