Xton Access Manager Product Update 2.3.202010252237
Today we released a new update to the Xton Privileged Access Manager software. This update adds the Transparent Perimeter deployment option, which provides access to closed, isolated networks behind a firewall, and adds support for PostgreSQL database account management.
Transparent Perimeter deployment option providing access to closed isolated networks
The update adds the Transparent Perimeter deployment option, which provides access to closed, isolated networks behind a firewall using a reverse tunnel architecture. The option improves the security of the isolated network under management by allowing external parties to access assets inside the network without opening ports in the network firewall. Transparent Perimeter deployment is a useful addition for an MSP looking to manage client networks without interfering with the network perimeter. The option is also useful for organizations accessing on-premises or multi-cloud datacenters from a cloud-deployed Master XTAM cluster.
The Transparent Perimeter feature complements the existing Remote Node deployment scenario, which requires a firewall rule that opens a port in the isolated network to provide secure, encrypted connectivity from the Master Node to the Remote Node. The Transparent Perimeter feature might be used to provide low-traffic connectivity to networks with high security requirements or to quickly investigate test scenarios.
This deployment scenario requires the hosts of the XTAM Master nodes to provide SSH tunneling capability for the remote node. In this configuration, the XTAM Remote Node deployed in the closed, isolated network builds and maintains reverse SSH tunnels back to the master nodes using the configured port on the master node. This allows administrators to configure a Session Manager Proximity Group on the XTAM Master node that points to the localhost port exposing the remote session manager inside the isolated network.
The reverse tunnels are configured using the following properties on the remote node in the $XTAM/web/conf/catalina.properties file:
- xtam.reverse.tunnel.remoteHost=Master node host for SSH connection
- xtam.reverse.tunnel.remotePort=Master node port for SSH connection
- xtam.reverse.tunnel.remoteUser=Master node user for SSH connection
- xtam.reverse.tunnel.remotePassword=Master node user password or Private Key password for SSH connection
- xtam.reverse.tunnel.remoteKey=Path to master node Private Key for SSH connection as an alternative for remoteUser
- xtam.reverse.tunnel.forwardHost=Session manager host in the isolated network in the local isolated network space
- xtam.reverse.tunnel.forwardPortLocal=Session manager port in the isolated network
- xtam.reverse.tunnel.forwardPortRemote=Session manager port on the master node to use in the proximity group
- xtam.reverse.tunnel.forwardBindingAddress=Binding address on the master node to expose the port to other interfaces
Note that the index in the xtam.reverse.tunnel configuration allows multiple tunnels to be specified, all maintained by the remote node. The reverse tunnel SSH connection can be established using user / password or user / private key (optionally with a password).
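The tunnel these properties describe, as an added example (not Xton's code) that assumes the master host runs OpenSSH: it prints the ssh -R command assumed to be equivalent, plus an sshd_config block that limits the tunnel account to that one listener. All host names, ports and the xtam-tunnel account are constructed, and the tunnel index is left out because its syntax is not shown here.

```shell
#!/bin/sh
# Added example. Every value below is constructed for illustration.
REMOTE_HOST="xtam-master.example.internal"  # xtam.reverse.tunnel.remoteHost
REMOTE_PORT=22                              # xtam.reverse.tunnel.remotePort
REMOTE_USER="xtam-tunnel"                   # ...remoteUser (hypothetical account)
FORWARD_HOST="127.0.0.1"                    # ...forwardHost
FORWARD_PORT_LOCAL=4822                     # ...forwardPortLocal
FORWARD_PORT_REMOTE=14822                   # ...forwardPortRemote
FORWARD_BIND="127.0.0.1"                    # ...forwardBindingAddress

# True when the listener on the master stays on loopback (IPv4/hostname only).
is_loopback() {
  case "$1" in
    127.*[!0-9.]*) return 1 ;;   # a hostname that merely starts with "127."
    127.*|localhost) return 0 ;;
    *) return 1 ;;
  esac
}

# OpenSSH remote-forward spec: bind_address:port:host:hostport
reverse_spec() {
  printf '%s:%s:%s:%s' "$1" "$2" "$3" "$4"
}

# Assumed OpenSSH equivalent of the tunnel the remote node maintains.
equivalent_ssh() {
  printf 'ssh -N -p %s -R %s %s@%s' "$REMOTE_PORT" \
    "$(reverse_spec "$FORWARD_BIND" "$FORWARD_PORT_REMOTE" "$FORWARD_HOST" "$FORWARD_PORT_LOCAL")" \
    "$REMOTE_USER" "$REMOTE_HOST"
}

# sshd_config block for the master host: the tunnel account may open only this
# one listener and gets no terminal, X11 or agent forwarding.
sshd_match_block() {
  printf 'Match User %s\n' "$1"
  printf '    AllowTcpForwarding remote\n'
  printf '    PermitListen %s:%s\n' "$2" "$3"
  if is_loopback "$2"; then
    printf '    GatewayPorts no\n'
  else
    printf '    GatewayPorts clientspecified\n'
  fi
  printf '    PermitTTY no\n    X11Forwarding no\n    AllowAgentForwarding no\n'
}

equivalent_ssh; echo
sshd_match_block "$REMOTE_USER" "$FORWARD_BIND" "$FORWARD_PORT_REMOTE"
is_loopback "$FORWARD_BIND" || echo "WARNING: listener reachable beyond the master host" >&2
```

With GatewayPorts no, sshd binds remote forwards to loopback regardless of the address requested, so a non-loopback forwardBindingAddress takes effect only when the master's sshd permits it.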
Added support for PostgreSQL database account management
The update adds support for managing accounts in PostgreSQL databases, including Check Status and Password Reset tasks, direct and shadow account access, permission- and workflow-based password unlock, and custom script execution. PostgreSQL is a popular open source database server with a commercial-friendly license.
The update adds an initially hidden record type for PostgreSQL databases, including check status and password reset tasks, based on the PostgreSQL connection string given as host:port/database, host/database, host[:port]/database or a full JDBC connection string jdbc:postgresql://host[:port]/database
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 2+ Gb RAM and no prerequisites. After installation, please follow our Getting Started Guide for a step-by-step introduction to the application.
Read the product documentation, including Windows and Linux installation instructions as well as the Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for instructions on how to update an existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Xton Access Manager for Privileged Access Management (PAM) provides complete control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It's easy to install, affordable, cloud-ready and offers unlimited use and storage.