Xton Access Manager Product Update 2.3.202105022207
Today we released new update to the Xton Privileged Access Manager software. This update added multiple Duo Security MFA providers support for Proxy Sessions, added support to exclude archived records from the search result, and added support for an alternative SSH job execution using the extended cryptography framework.
Added multiple Duo Security MFA providers support for Proxy Sessions
The update extended the option to support multiple Duo Security providers to SSH and RDP Proxy connections made using native clients. The option allows Managed Service Providers to define different MFA options for their clients while still allowing them to use native clients (ssh, scp, PuTTY, mstsc, etc) to connect to destination end-points.
The option respects cas.authn.mfa.duo[X].xxxx configuration with X being an index (0, 1, 2, …) defining multiple Duo Security tenants as described in the guide below. System administrators assign Duo configuration to groups of users using Administration / MFA screen.
Added support to exclude archived records from the search result
The update starts to exclude archived records from the search results, Favorites and Shared with Me areas. Archive records are still included in the record list during folder browsing in main our personal vaults. User can search archived records using combination of Query with Archived Records search criteria.
Added support for an alternative SSH job execution
The update adds support for an alternative SSH job execution provider using the extended cryptography framework. Alternative SSH job execution option allows to execute jobs on the broader range of devices that restrict access using extended cryptography algorithms to supplement recently introduced SSH Proxy to establish sessions to such devices.
Use global parameter SSH Connector Type to switch between default (Jsch Connector) and extended (SSHD Connector) provider to execute all SSH and Interactive SSH jobs in the system. Alternatively, use record level field SSHConnectorType (Display name: SSH Connector Type, Choice values: Jsch Connector, SSHD Connector) to switch to default or extended provider for each individual record.
Added configuration parameters for SSH Proxy keep alive interval and count
The update adds global parameters to control SSH Proxy keep alive function for client-size communication. SSH Proxy server uses keep-alive mechanism to detect disconnected client application in time to close their SSH Proxy sessions. In some cases of network transport failure such as VPN disconnects SSH Proxy server does not receive regular TCP disconnect signal. To process session completion in such situations, SSH Proxy server sends periodic keep alive packets to the client application. When the client does not respond after several consequent keep alive messages, SSH Proxy server marks the session as completed and disconnects the client. The update adds the option to control frequency and count of keep alive packets to declare the particular session to be disconnected. The update also enables the option to disable client-size keep alive mechanism for the networks that benefit from disabling this feature.
Use global parameter SSH Proxy Keep Alive Count to define the number of keep-alive messages allowed without response from client. SSH Proxy will disconnect stale session after the specified number of unconfirmed keep alive packets. The value 0 in this parameter disables client-size keep alive mechanism.
Use global parameter SSH Proxy Keep Alive Interval to specify the frequency of the keep alive messages in seconds. The value 0 in this parameter disables client-size keep alive mechanism.
- Syslog Configuration
- Import from KeePass
- Duo Security
- Custom Reports
- Examples of custom reports
- NGINX Configuration
- XTAM Cloud Gateway
- XTAM REST API Documentation
- Xton Access Manager Help
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 4+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for step-by-step introduction to the application.
Read the product documentation including Windows and Linux installation instructions as well as Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for the instructions how to update the existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Xton Access Manager for Privileged Access Management (PAM) provides complete, control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It’s easy to install, affordable, cloud-ready and offers unlimited use and storage
Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.