ISR has kept the security of various companies intact since the launch our
SSO authentication service, CloudGate. CloudGate is battle-tested with more than
1 billion secure logins and access requests validated over 9 years online.
SECURE YOUR CLOUD WITH CONFIDENCE

What is CloudGate Key Manager?

________

With ever more computing resources moving off-premise and into the cloud, controlling access to these resources becomes increasingly important. Traditionally, remote access to these hosts is performed using the SSH protocol, and, while the protocol in itself provides sufficiently adequate security mechanisms, organizations continue struggling to deploy these mechanisms at scale.

To boost security, moving away from username/password authentication to private/public key authentication is an important first step for SSH hosts, but provisioning the authorized keys to a large number of instances has proven to be cumbersome. This, in turn, results in a wild growth of long-lived keys, often shared by multiple users or even entire organizations, putting the whole infrastructure at risk.

CloudGate Key Manager addresses this problem by providing users with short-lived keys, and allows administrators to control access with flexible attribute-based policies. Furthermore, it only requires minimal changes to existing or newly created SSH hosts.

Why CloudGate Key Manager?

____

Makes access to cloud servers using SSH Key more secure.

CloudGate Key Manager utilizes CloudGate’s authentication infrastructure to prevent SSH key leakage and third party usage by performing various access restrictions and user authentication such as multi-factor authentication, biometric authentication, IP restriction, etc..

Improves safety whilst keeping the convenience of your cloud server intact.

Amazing Features

____

Key Lifecycle Management

CloudGate Key Manager lets you control the lifetime of your users’ SSH keys by configuring a key rotation policy.

Access Control

CloudGate Key Manager allows you to define attribute-based access control (ABAC) policies for users, groups, organizational units or any combination thereof.

Strong Authentication

Key Manager utilizes CloudGate UNO’s vast features which enforces strong authentication in the Cloud.

Key LifeCycle Management
Access Control
Strong Authentication

Control the Lifetime of your Keys

____

CloudGate Key Manager lets you control the lifetime of your users’ SSH keys by configuring a key rotation policy. Specifying a short-lived key validity period forces users to generate a new key pair on a monthly, weekly or even daily basis, thus reducing the risk of stale keys finding their way out of the organization.

In addition, removal or suspension of a user will immediately result in the revocation of this user’s keys, and individual keys can be manually revoked in case they are compromised by theft or loss.

Implement fine-grained
Access Control

____

CloudGate Key Manager allows you to define attribute-based access control (ABAC) policies for users, groups, organizational units or any combination thereof.

Using these policies, you can limit the instances that can be accessed by selected entities through a powerful logic tree. This logic tree lets you define any possible combination of instance attributes and allows you to restrict the range of accessible instances to a given cloud environment, region, instance type, or even to a specific instance ID, hostname, account or tag.

Enforce Strong Authentication with CloudGate UNO

____

CloudGate Key Manager does not store any private keys, nor does it keep them in memory. After authenticating, generation of the key pair is triggered by the individual user, after which the private key is presented to the user for a one time download.

Since authentication for both users and administrators is handled by CloudGate UNO single sign-on, administrators can take advantage of CloudGate’s security profiles to set up strong authentication for their users, and prevent keys from falling in the hands of unauthorized parties.

INQUIRY

____

If you have any questions, please feel free to contact us.

TEL: (+81)3-3384-1123 FAX: (+81)3-3384-1124

◄  ISR Global