Shell Control Box now monitors web based applications
Posted on 04 October 2013.
BalaBit IT Security announced a new version of its Shell Control Box (SCB) activity monitoring appliance.

The latest version of SCB makes forensics investigations easier, faster and more cost effective by extending the list of auditable protocols Ė SSH, RDP, Citrix ICA, VNC, Telnet Ė with HTTP/HTTPS. HTTP, originally created for content transport, has been becoming increasingly popular as a GUI protocol for various tools such as management network devices, business applications and SaaS/virtual infrastructures.

Complying with data security regulations becomes smoother by extending real-time user activity monitoring to windows environments by controlling the applications that users run. To protect customersí existing network investments, the new SCB version is able to authenticate and control network operators working with shared accounts in - still widely adopted - legacy network environments.

SCB 3 F5 is an independent and transparent device that does not require any change to the network or privileged usersí everyday work, and can now be integrated with all popular password management system.

Key new features:

Improved prevention of malicious actions: Real-time alerting in graphical sessions
SCB 3 F5 extends the previous versionís capabilities - monitoring, alerting and blocking the content in SSH traffic - to RDP and VNC protocols, as well. Now SCB can monitor the traffic of these graphical connections in real time, and send an e-mail alert and/or terminate the connection if a user tries to run an unwanted application.

Improved audit of privileged web activities: Review of HTTP pages
SCB can now render visited webpages like a web browser. Screenshots tracking the monitored userís actions can be downloaded, in which. When replaying the HTTP session, the audit trail can be used as a web-browser to navigate among user-visited pages; to display the web pages by scrolling its content, and to click on the links; and even to display the forms with the values that were filled in by the user.

Integration with Password Manager tools
SCB 3 F5 provides a generic plugin framework that provides integration with all widely adopted password management systems. The integration enables user credentials to be completely separated from the credentials used to access servers. With this development, companies can future-proof their existing password management investments.

Monitor access to legacy network devices: New Telnet features
SCB 3 F5 offers several new features to reliably control and audit Telnet connections even if they are SSL/TLS-encrypted. For example, SCB can be configured to require gateway authentication from network operators in Telnet connections. SCBís credential store can store user credentials and use them to login to the target device, without the user having access to the credentials. SCB can also monitor the Telnet traffic in real-time, and can send an alert or block the connection if a suspicious command or text appears in the command line or on the screen.


eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Dec 19th