Akeyless Vault Platform's Secure Remote Access solution enables users to securely connect directly to resources - servers, databases, internal applications, and SaaS - in any of your environments, whether private, public, or on-prem.
Users can connect securely to resources from the Secure Remote Access Portal. Akeyless supports a variety of protocols, including SSH, RDP, SQL, Kubectl, and more.
Depending on the resource type, users can select to access the resource either over the Web or using native CLI. In addition, Akeyless Connect command provides users with CLI access to some resource types from any UNIX terminal.
For more information about the resource types to which you can connect and how to set up access, see Supported Resource Types.
Secure Remote Access is enabled by the Basic Bastion. For native CLI access, an additional component called the Professional Bastion is required. When you define secure remote access to external SaaS systems, the Web Access Bastion enables you to only allow access in Isolated mode, which restricts user access to other websites while they are connected to a SaaS system.
For details about these components, see Infrastructure Components.
When a user needs to connect to a resource, the Basic Bastion interfaces with the Akeyless Vault for user authentication and authorization. It then retrieves the required credentials from the Akeyless Vault and automatically injects them into the resource to give the user access.
In this way, our Secure Remote Access solution uniquely combines the ability to interface with 3rd-party identity providers for authentication with granular role-based access control for authorization, and the ability to provide just-in-time access to endpoint resources, using dynamic secrets as short-lived credentials and certificates.
Because communication between the user and the resource passes through the Basic Bastion, Akeyles can provide full session auditing and recording capabilities to keep you compliant. You can forward the system logs to your log management solution, as described in Log Forwarding.
Updated 12 days ago