The core application systems of large enterprises and organizations nowadays consist of a large number of Unix/Linux servers, Windows servers, network devices, and applications, which could include Enterprise Resource Planning (ERP) systems, Customer Relationship Management (CRM) systems, Human Resource (HR) Management systems, billing system, office automation, electronic operations and maintenance, knowledge management and other client/server and/or browser/server applications.

Generally, administrators and operators use Telnet/SSH to remotely manage Unix/Linux servers and network devices, and use Windows Remote Desktop Protocol (RDP) to remotely manage Windows servers. Other widely used tools and protocols could also include VNC, HTTP, FTP, Rlogin, RSH and many more.

Security managers presently face one major problem. On one side, to prevent threats from network eavesdropping, security managers require Administrators to use encrypted protocols during remote management. However, on the other side, due to the inability to audit these encrypted sessions, security auditors could prevent Administrators from using these encrypted protocol so that they can collect and record audit information.  Faced with such dilemma, should security managers adopt encrypted protocols to avoid threats, or to not use encrypted protocols in order to audit the operations?

At BMST, we believe that:

ENCRPTED PROTOCOLS SHOULD AND CAN BE USED AND AUDITED IN THE SAME WAY AS THOSE UNENCRYPTED PROTOCOLS.

See how we make it work.