XTAM Gateway is a lightweight solution that provides secure and seamless remote session connectivity to your servers and devices directly in your network over HTTPS, SSH or RDP including complete session video recording, keystrokes, clipboard, file transfer capture, role based access and multi-level access approval process. When you connect via the XTAM Gateway, your infrastructure does not need a public IP addresses or to be externally accessible from outside your firewall.
The XTAM Gateway provides secure RDP, SSH, VNC, Telnet and HTTPS connectivity to all of the endpoints in the network in which it is deployed, regardless if you are entirely on-premise, hybrid or fully cloud based in offerings from Amazon AWS EC2, Azure or Virtual Private Clouds (VPC). Using the XTAM Gateway protects your infrastructure from exposing their communication ports to the outside world and its threats, while still providing secure access using these same ports. With XTAM, you connect to these managed endpoint directly from its portal meaning you do not need any additional clients, agents, or pieces of software.
And while the XTAM Gateway does not require any clients or agents, it does fully support the use of native RDP and SSH clients to create secure, remote sessions. This allows users to continue to make use of their favorite connection management client while still providing the security that is inherit with Gateway deployments.
How it Works
The XTAM Gateway is deployed to your network and once available, the remote session connectivity is available to all your devices in the same network, whether physical or virtual.
Connections protocols like RDP, SSH, HTTPS, VNC and Telnet are some of the basic means through which you can connect to your network endpoints and devices. Exposing these ports outside of your firewall and particularly over the internet isn’t desired and is seen by many as a significant threat surface. To mitigate this threat, you use the XTAM Gateway as the public facing side of your network and it in turn provide the session connectivity to the endpoints behind this host and others inside the network.
- The XTAM Gateway is deployed in a DMZ or the public facing side of your network.
- Your user’s will connect to this XTAM Gateway using any modern day, desktop or mobile, browser over TLS on port 443 or a native RDP or SSH client of their choice.
- Once authenticated, the user will then select from a list of available, permission trimmed options, which server, device or endpoint they wish to connect to.
- With a simple click on the Connect button, the XTAM Gateway will start the appropriate session to this device depending on the required protocol; RDP, SSH, VNC, Telent or HTTPS.
- Because the XTAM Gateway is creating the actual session, and not the user’s workstation or mobile device, the managed endpoints are not directly exposed beyond your firewall.
Key Benefits of the XTAM Gateway
Due to the architecture and deployment of the XTAM Gateway, it offers a number of key benefits for secure, remote access to internal resources over traditional means.
- Internal resources do not have to be exposed to the internet, eliminating the need of costly VPNs, firewall exceptions or personal screen sharing software that can leave your network vulnerable to external threats.
- Hierarchical assets organization with many levels of nested folder structure with role based access (RBAC).
- Easily enable SSO or MFA authentication requirements on the XTAM Gateway so that all remote sessions are established only by trusted individuals.
- Quick, reliable and secure one-click remote sessions directly within any modern browser, desktop or mobile, without requiring any agents or additional installs.
- Enable full recording capabilities on any sessions to better manage, investigate, audit or review activities that are performed while connected to your endpoints. Recordings include video, keystrokes, clipboard and file transfers.
- Configure a Workflow Approval process to enforce Just In Time access for all or some managed assets.
- Pass-through credentials to support Red Forest best practices.
- Eliminate common Port Scanning vulnerabilities as your internal resources are not exposed or open to the internet.
Advantages over Other Gateway Products
Compared to other Gateway products, XTAM provides the following advantages:
- Self hosted solution that allows for the ultimate control over how your deployment can be accessed. Options include on-premise, cloud infrastructure from AWS or Azure and hybrid solutions.
- Many authentication options which include Active Directory, LDAP, eDirectory, Azure AD, Office 365, Gemalto, Okta, SAML, SSO and MFA.
- Workflow approvals to support Just in Time Access, One-Time Passwords as well as Time or Location based access requests.
- Sessions support copy and paste commands, clipboard copy and file transfers both from and to the managed endpoint.
- Both IPv4 and IPv6 are supported.
- Native RDP or SSH clients are not required, but they are supported for a more streamlined and natural session experience. These includes any client applications that support the RDP or SSH protocols like MSTSC, mRemoteNG, PuTTY, SecureCRT, Moba and virtually all the rest.
- No agents, extensions, clients or custom launchers are required on either side of the session connection (client or server).
- Any modern day HTML-5 based browser, desktop or mobile, is supported.
- Use the Join option to connect to a user’s existing remote sessions to facilitate real-time monitoring and interaction.
- Dozens of concurrent remote sessions are supported per XTAM Gateway host. Additional host nodes can be deployed for increased bandwidth or to support scenarios such as High Availability or Disaster Recovery.
- Enable recording for all or select sessions to capture video, keystroke, clipboard or file transfer events.
- Highly scalable and affordable enterprise grade application that can support any business; from small IT departments to multi-national organizations.
- Existing XTAM Gateway solutions can be easily upgraded to a true, enterprise level Privileged Access Management (PAM) solution, including Secret Vaulting, Elevated Task Execution and Password Rotation.
Ready to learn more or to try out the XTAM Gateway?
- Schedule a Demo to see a fully implemented XTAM Gateway and ask any questions you may have.
- Download a fully featured 30 day trial to test the XTAM Gateway in your network.