Control Boxes

From SolidsWiki
Jump to navigation Jump to search
Control Boxes

Control Box is a device for controlling and monitoring administrative protocols used for remote access or management in computer technology. Control boxes inspects remote access protocols such as SSH, RDP, Telnet, or Vnc protocols. It can act as a transparent device, as a Router or a Network switch an also in different non-transparent ways .


Functions

Control box controls only administrative protocols with the embedded application layer gateway technology.

Access control at the connection layer

Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs by classical blacklisting or whitelisting.

Advanced authentication and authorization

Control box supports gateway authentication, which is a two factor authentication served by SCB: users initiate connections and they also have to login to control box and enable their own connections.Control box also supports four eyes principle, when users who log in must differ from enabler user. It ensures the user cannot log in without permission.

Channel Control

RDP and SSH protocols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as shell is in session shell channel or drawing is the channel of desktop forward in RDP. Control box implements an advanced control on channels enabled to use. It is useful for disabling port forwards, copy and paste and such other functions.

Audit and forensics tool

Inspected protocol content can be stored in a record, called audit trail, and could be replayed by the audit player tool. Audit trail can be used as a digital evidence. As the whole connection can be replayed it rises some privacy problems in different countries.