Xton Access Manager Product Update 2.3.202106062305
Today we released new update to the Xton Privileged Access Manager software. This update added interactive target host selection and host or network restriction options when connecting to SSH servers using native clients.
Added target host selection option when connecting to SSH servers using native clients
The update adds target host selection option when connecting to SSH servers using native clients. The option allows asset owners to white list several destination hosts instead of specifying a single target host to connect. When a user connects to such asset using native SSH client, the system will prompt the user to select one of the destination host from the list presented by the system from the configured white list.
To enable hosts whitelisting, create record level Text field Hosts to store comma-, semicolon-, colon- or new line-separated list of hosts or host:port combinations. When the list of allowed hosts is defined for the record, SSH Proxy connect action prompts for the host selection to choose the host to connect with the credentials on record.
Added target host or network restriction option when connecting to SSH servers using native clients
The update adds target host or network restriction option when connecting to SSH servers using native clients. The option allows asset owner to allow users to provide destination host on record by specifying empty Host field in the record yet still restrict destination host selection by white listing destination host name, IP addresses or IP-ranges. The option simplifies access configuration for complex networks.
To enable target host restriction, create record level Text field AllowedResolvedHosts to store comma-separated list of hosts, IP, or IP-ranges (from-to or IP/bits) combinations. When a user provides a destination host to connect to a record configured with an empty host, the system will only allow connections to the destinations compliance with the specified restrictions.
The target host restriction option is applicable for both WEB SSH and SSH Proxy connections made by native SSH clients.
Added server side enforcement of white listed domains when injecting credentials to WEB Portals accessed through HTTP Proxy
The update fixed the security issue that allowed to make HTTP Proxy to reveal credentials injected into authentication workflow on one WEB Portal to another, potentially malicious, WEB Portal when using the same access token. The update enforces HTTP Proxy to validate destination URL on the server side with the URL on the WEB Portal record to restrict access to this specific domain.
To enable domain white listing for multiple sites in cases of SSO redirections, create record level Text field AllowedHosts to store comma-separated list of hosts allowed for HTTP Proxy password injection procedure.
- Prompt for Credentials
- Available Fields for Additional Functionality (Allowed Hosts)
- Available Fields for Additional Functionality (Allowed Resolved Hosts)
- XTAM Cloud Gateway
- XTAM REST API Documentation
- Xton Access Manager Help
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 4+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for step-by-step introduction to the application.
Read the product documentation including Windows and Linux installation instructions as well as Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for the instructions how to update the existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Xton Access Manager for Privileged Access Management (PAM) provides complete, control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It’s easy to install, affordable, cloud-ready and offers unlimited use and storage
Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.