Secure Application Connections

The SSH Tectia client/server solution offers tunneling and secure shell tools as ways of securing data communications between any standard TCP-based applications. The sshg3 command-line tools can be used interactively or in scripts.

Tunneling, or port forwarding, is a way of forwarding otherwise unsecured TCP traffic through SSH Tectia in encrypted format. You can secure for example POP3, SMTP, and HTTP connections that would otherwise be unsecured.

Tunneling provides encryption and strong two-factor authentication to third-party network client applications. SSH Tectia allows different forms of tunnels depending on the environment and type of usage of the workstations or user terminals.

Secure connectivity over Internet

Tunneling makes it possible to access e-mail from any type of Internet service irrespective of the access method (modem, GPRS, 3G, a DSL line, or a cable connection, or a hotel Internet service). As long as the users have a TCP/IP connection to the Internet, they can get their e-mail and access other resources from anywhere in the world securely.

This is often not the case with more traditional IPSec-based VPN technologies because of issues with traversing networks that implement Network Address Translation (NAT). This is especially the case in hotels. NAT breaks an IPSec connection unless special protocols such as NAT- Traversal are implemented on the client and gateway. A hardware gateway is usually also needed.

Non-transparent tunnels

SSH Tectia Client supports non-transparent application tunneling, which means that the tunneled applications need to be defined on the basis of the TCP ports they use. Applications with dynamic ports are not supported.

CryptiCore® support

The SSH G3 architecture and the high-speed CryptiCore® algorithms (Intel platforms) help in meeting the performance requirements of large-scale application access scenarios. CryptiCore enables up to 600 Mb/s application tunneling throughput in 1Gb networks with SSH Tectia Server.