Xton Access Manager
Remote Employee Gateway
Secure Access Control over your Network and Cloud
Remote employees (especially IT Admins) and contractors need secure access to your network and accounts, including Windows, Unix, internal Web Sites, AWS or Azure Instances, Mainframes, Cisco and Juniper Network Devices or Web Management Portals, in order to maintain your business. However, granting access to your trusted users, both inside and beyond the firewall, can also open the door to bad actors gaining access to your critical infrastructure.
With Xton Access Manager, you can securely lock your systems and secrets behind your firewall and use XTAM (with secured Active Directory logins, MFA, Approval and Time-based Workflows) to safely provide access to only those trusted personnel. Layered with Audit Trails, Video Recording and Notifications, you can be confident that your infrastructure will remain secure from threats.
Provide Secure Remote Access with Web or Native Client Support
Establish browser based secured access to remote desktop or shell terminals allowing employees or outside partners safe, secured and monitored access to devices inside your network.
In addition, XTAM can facilitate secure connections to Web Sites or Web Management Portals without disclosing the required login credentials using common browsers like Internet Explorer, Chrome, Firefox and Safari.
Easily Share Access to your many Servers, Devices and Portals
Access computers (Windows, Unix, AWS Instances, Azure, Mainframes), Network and IoT Devices (Cisco, Juniper, etc), Web Sites (like Salesforce, Office 365), Web Admin Portals (Firewalls, Routers, ERP systems), Privileged Accounts (Administrator, Root) using standard RDP, SSH, Telnet, VNC and HTTPS protocols.
Secure Personal User Access with AD, SSO or MFA Authentication
Protect your shared systems and accounts by associating users and contractors with specific logins. Also, through the use of Multi-Factor Authentication, you can be sure that access is only possible by authorized individuals.
Limit Access by Account or System using Configurable Control Policies
Enforce greater control by implementing policies that limit access using parameters like time of day, physical locations (as determined by IP address), days of the week (workdays) or other combinations.
Approval Workflows for Enhanced Security & Controlled Access
Configure and implement approval workflows (also known as Dual Control, Four-Eyes or Peer Approval) to your privileged records to enable additional security. This includes options for Emergency Access, multi-step Approval Processes, Auto- or Group-Approval, Access Restrictions and Required Comments or Reasons.
Audit Trails and Reporting to Ensure Compliance
Fully embedded auditing for all access and activity events. Understand exactly what, when and by whom your systems, computers and devices were accessed. In addition, simple integration with 3rd party SIEM systems using the syslog protocol is available.
Access Controls for Cloud-based Datacenters
When transitioning to a Cloud datacenter the traditional concepts involving firewall and perimeters disappear. All IP addresses are either public or shared with someone else in the boundaries of your huge datacenter. Access Broker is the way to recreate this perimeter. Simply block access to all resources from all locations and all people, but permit only XTAM to access your critical endpoints. This forces employees, contractors and vendor to use XTAM to access your cloud infrastructure which enforces security, control and auditing.
Record all remote access activity including video, keystroke and file transfers to remote computers for regulatory compliance.
Alerts & Notifications
Never be left in the dark again. Setup alerts and notifications to be aware when users are sharing, accessing or working with your systems.
Monitor, Observe, Join or Terminate Active Sessions in Real-Time
Join live sessions to observe user activity on remote computers, share knowledge, assist with troubleshooting or simply monitor user activity.
Access Support includes RDP, SSH, VNC, Telnet and HTTPS
Connect to remote computer and WEB endpoints using a variety of the most popular and standard protocols.
Iron Clad Security
A fully secure AES-256 encrypted Identity Vault maintains total control over all your accounts, secrets and records. A provided master password ensures a “break glass” operation can be performed in an emergency. Your sleep just became a lot more peaceful.
Based on the latest web standards, it runs smoothly in all modern day browsers, including mobile and tablet devices.
Requires only server side installation. No agents are required for any operation on the server or client side.
Enhance your security by integrating with Active Directory or MFA authentication from the most popular providers like Google and Duo Security.
The application components could be installed on any modern Windows or Linux computer.
Keep encrypted application data in the embedded database or MS SQL, Oracle, MySql or PostgreSQL database.
Data in the identity vault is encrypted with AES-265 based encryption. For additionally security, the application can store the master key on a computer separate from the main application or from the application database.
The system components could be installed on multiple nodes across computers, connected through a load balancer, to ensure that failure of a node will not impact system availability.
The system components could be installed on multiple computers to increase performance. The system supports multiple WEB Front Ends, session managers and job engines to process tasks like discovery, password reset or script execution.