Shell Control Box

The topic of this article may not meet Wikipedia's general notability guideline. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Shell Control Box" – news · newspapers · books · scholar · JSTOR (Learn how and when to remove this message)

This article may be too technical for most readers to understand. Please help improve it to make it understandable to non-experts, without removing the technical details. (Learn how and when to remove this message)

This article does not cite any sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Shell Control Box" – news · newspapers · books · scholar · JSTOR (Learn how and when to remove this message)

Shell Control Box (SCB) is a device for controling and monitoring administrative protocols used for remote access or management in computer technology. SCB is a Linux based device developed by Balabit IT Security and based on Zorp technology. SCB inspects remote access protocols such as SSH, RDP, Telnet, or Vnc protocols. It can act as a transparent device (as a Router or a Network switch) an also in different non-transparent ways (jumpserver).

SCB controls only administrative protocols with the embedded application layer gateway (proxy) technology.

Enforced policy controls classical network access control mechanisms: source IP, destination IP/port and protocol enforcement by layer 7 protocol analysis. It also controls user IDs (eg. root or Administrator is prohibited) by classical

SCB supports gateway authentication, which is a two faktor authentication serverd by SCB: users initiate connections and they also have to login to SCB and enable their own connections.

SCB also supports four eyes priciple, when users who log in must differ from enabler user. It makes sure the user cannot log in without permission.

RDP and SSH protcols implements channels on the top of connection layer. Each SSH and RDP functions are performed in dedicated channels such as Shell is in Session shell channel or Drawing is the channel of Desktop forward in RDP. SCB impemets an advanced control function of

Inspected protocol content can be stored in Audit trail and replayed by the Audit Player tool.

BalaBit IT Security