Xton Access Manager Product Update 2.3.202109131006
Today we released new update to the Xton Privileged Access Manager software. This update added SQL Proxy support to connect to servers in isolated networks and added channel restriction options to SSH Proxy.
Added SQL Proxy support to connect to servers in isolated networks
The update added SQL Proxy support to connect to servers in isolated networks through remote session managers. With this update, SQL Proxy starts to respect proximity groups configuration to route traffic to specific servers given by IP address, host mask, or Vault location through the selected remote session manager appropriate for the selection criteria. The option allows to access remote Oracle servers behind firewall through the single open session manager interface.
Added the option to restrict channels available through SSH Proxy connection
The update added the option to restrict channels available through SSH Proxy connection. SSH Proxy opens the possibility to establish shell, sftp, tunnel, and exec (scp) channels. The new option allows system owners to restrict access to certain channels system wide with the option to override global settings for individual record.
To control the list of channels available in SSH Proxy on a system wide level use global parameter SSH Proxy Allowed Channels. This parameter controls what channels/subsystems allowed to use by client software when connecting through SSH Proxy server. Supported channels are:
- shell – Allow shell connection
- exec – Allow remote command execution including scp transfer
- sftp – Allow file transfer using SFTP protocol
- tunnel – Allow SSH tunnels over SSH Proxy
The system wide settings could be overridden on record level using String custom filed named SshChannels. There are two scenarios to override channel settings:
- List channels allowed for current record. This will allow only shell and exec channels to open: shell, exec
- Use system defaults but add or remove specific channel. This will use setting from system parameter but allow sftp and deny tunnel channels: +sftp,-tunnel
- Script Library > Using Variables or Placeholders
- Formulas > Password Formula
- Enabling SSH Proxy in XTAM
- Search Query Options
- Application Settings > Proxy > SSH Proxy Ciphers
- Creating secure PAM RDP sessions in your web browser
- XTAM Cloud Gateway
- XTAM REST API Documentation
- Xton Access Manager Help
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 4+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for step-by-step introduction to the application.
Read the product documentation including Windows and Linux installation instructions as well as Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for the instructions how to update the existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Xton Access Manager for Privileged Access Management (PAM) provides complete, control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It’s easy to install, affordable, cloud-ready and offers unlimited use and storage
Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.