ManageEngine, an IT management company with a focus on simplicity, used the RSA Conference in San Francisco to launch Key Manager Plus, a comprehensive, web-based, SSH key management solution. It joins ManageEngine's privileged identity management suite to give administrators visibility into the SSH environment, enabling them to pre-empt breaches and compliance issues.
Safeguarding data in transit has always been a big challenge for security administrators. Most IT organisations today use SSH for remote administrative access and data transfer. While robust and convenient when compared to password-based authentication, SSH keys present some unique challenges. When keys are left unmonitored and unmanaged, organisations are vulnerable to cyber-attacks. In the absence of an automated system, getting the list of all the keys in use, finding and restricting access privileges, and ensuring periodic rotation is a huge task. ManageEngine Key Manager Plus solves those issues.
"SSH has become the protocol of choice for remote access to business-critical systems both within the corporate network and in the cloud,” said Rajesh Ganesan, Director of Product Management at ManageEngine. “With identity thefts and unauthorised privileged access lying at the root of modern day cyber attacks, managing the SSH key life cycle has become a significant aspect of privileged access management programs. With Key Manager Plus, we're helping organisations deploy a complete privileged access management solution."
Key Manager Plus enables centralised management and visibility over the SSH keys across the network. Highlights of the new product include:
- Discovery: Discovers the SSH systems in the network, enumerates users, and finds existing private keys.
- Secure repository: Consolidates all discovered SSH keys and stores them in a secure, centralised repository for easy access and management.
- Centralised key creation and deployment: Centrally creates new public and private key pairs and associates private keys with their users. Deploys new or existing public keys on the required systems.
- Periodic rotation: Tightens security by periodically rotating key pairs and prevents their misuse.
- View key-user relationship: Provides a holistic view of the key to user relationship across the organisation.
- Direct connection to SSH systems: Enables users launch a direct, SSH connection with target systems using the SSH keys stored in Key Manager Plus.
- Audit and track: Audits and tracks all user activities and generate reports.
- Restrict and regulate access: Associates specific resources to users, establishes granular access controls.
- Remove unwanted keys: Helps delete any unwanted keys from the database, terminate access immediately, and prevent violations by obsolete accounts.
- Ensure compliance: Improves SSH key management and helps comply with industry regulations such as SOX, FISMA, PCI-DSS, NERC-CIP and HIPAA.
With Key Manager Plus added to its privileged identity management suite, ManageEngine now gives users the tools needed to consolidate, control, manage, monitor and audit the entire lifecycle of all types of privileged identities - passwords and SSH keys alike. The suite also includes Password Manager Pro, the company's privileged password manager for enterprises that need privileged account management, remote access management and session management.
Pricing and Availability
Key Manager Plus (2.0) is available now as a fully functional, free 30-day evaluation edition. The Free Edition allows you to have a maximum of five users (SSH user accounts). Standard Edition prices start at US$595 per year for 50 users. All editions can be downloaded directly from the ManageEngine website.