15/02-05   -   Pressmeddelande

TFS ServerControl Brings Central Control to OpenSSH

Version 6.0 Simplifies Management of SSH-Based Security Solutions, Even in Very Large Linux and UNIX Domains

Herndon, VA and Uppsala, Sweden - February 16 2004. --- TFS ServerControl, a solution for consolidating and simplifying identity and access management in UNIX and Linux environments, is now available in a new 6.0 version that adds central management features to the OpenSSH open source implementation of the Secure Shell (SSH) protocol. Features include a complete distribution of OpenSSH for the SSH public key and host-based authentication methods, as well as privilege separation and granular SSH access control for separate SSH services.

The upgrade takes OpenSSH from a peer-to-peer concept, with its tedious deployment and security drawbacks, to a centrally managed system with known, visible access rights and strict enforcements. It also extends the product’s ability to define, implement, and audit a precise security policy --- including the creation of user groups and roles, establishing access rights, ensuring data integrity, and auditing the entire process — all from a single administration interface.

In Version 6.0, the security server of the TFS ServerControl-managed domain automatically registers host public keys, making configuration of OpenSSH-secured connections a centrally managed function controlled by network and security administrators rather than depending upon individual users to properly configure their private peer-to-peer connections.

The TFS ServerControl security server now provides central storage of public keys, eliminating the need to distribute new host keys to all host machines on the network whenever an additional host is added. With TFS ServerControl, an administrator simply adds the new host to the security domain and thereby makes it instantly available to users on all the other hosts, provided their user profiles grant access to corresponding OpenSSH-based services on target machines.

TFS ServerControl 6.0 also enables administrators to grant access to distinct OpenSSH-based services for individual users while blocking others. Thus, for example, a user may be allowed to use secure ftp between two hosts but forbidden to perform command execution over SSH.

“The new SSH functionality in 6.0 will further enhance the administration and security in our customers’ mixed infrastructure environments," said Göran Fransson, CTO, TFS Technology Inc.
“Central management of public keys combined with granular access control based on individual SSH services means security is strengthened, administration is simplified, and the user experience is improved with single sign-on capabilities. Especially our large customers in the financial and telecom sectors are asking for these SSH improvements. The use of OpenSSH becomes a realistic option once it is auditable and centrally managed and controlled."

Specifications and Availability
TFS ServerControl supports today’s primary Unix and Linux systems, as well as older and less common platforms. Support is currently available for 25+ versions of Unix/Linux platforms, including HP HP-UX, IBM AIX, Sun Solaris, Red Hat, SuSE, SGI Irix, HP Compaq Tru64, and SCO Unix. Version 6.0 is available through TFS Certified Partners around the world or direct from TFS Technology at http://www.tfstech.com.