Shell Control Box

Functions

SCB controls only administrative protocols with the embedded application layer gateway (proxy) technology.

Access control at the connection layer

Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs (e.g. root or Administrator is prohibited) by classical blacklisting or whitelisting.

Advanced authentication and authorization

SCB supports gateway authentication, which is a two factor authentication served by SCB: users initiate connections and they also have to log in to SCB and enable their own connections.

SCB also supports four eyes principle, when users who log in must differ from enabler user. It ensures the user cannot log in without permission.

Channel Control

RDP and SSH protocols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as Shell is in Session shell channel or Drawing is the channel of Desktop forward in RDP. SCB implements an advanced control on channels enabled to use. It is useful for disabling port forwards, copy&paste and such other functions.

Audit and forensics tool

Inspected protocol content can be stored in a record, called Audit trail, and could be replayed by the Audit Player tool. Audit trail can be used as a digital evidence. As the whole connection can be replayed (seen by any auditor who have access to the device) it rises some privacy problems in different countries.