Secure Application Connectivity

The Tectia client/server solution can be used to replace unsecured TCP-based terminal connections (for example, Telnet) to business-critical enterprise applications. Through strong encryption and data integrity, the Tectia client/server solution protects sensitive data and passwords against unauthorized access, facilitating compliance with regulations and best practices. Strong authentication of users is supported through broad integration with third-party authentication systems or Tectia Zero Trust Module.

The Tectia client/server solution offers the following ways of securing data communications between standard TCP-based applications:

Tunneling, or port forwarding, is a way to forward otherwise insecure application traffic through Secure Shell. Tunneling can provide secure application connectivity for weakly encrypted TCP connections or unencrypted connections, for example HTTP-based applications.
Tunneling provides encryption and strong two-factor authentication to third-party network client applications. Tectia allows different forms of tunnels depending on the environment and type of usage of the workstations or user terminals.
The Secure Shell v2 connection protocol provides channels that can be used for a wide range of purposes. All of these channels are multiplexed into a single encrypted tunnel and can be used for tunneling (forwarding) arbitrary TCP/IP ports and X11 connections.
The sshg3 command-line tool can be used interactively or in scripts. Alternatively, Tectia Client can be easily configured to open a secure tunnel when the tunneled application connects to a local listener or local SOCKS proxy service of Connection Broker.

Non-transparent tunnels: Tectia Client supports non-transparent application tunneling, which means that the tunneled applications need to be defined on the basis of the TCP ports they use. Applications with dynamic ports are not supported.
Transparent tunnels: With the transparent TCP tunneling feature activated on the client-side (on Tectia ConnectSecure), TCP-based applications can be tunneled transparently without changing the end-user experience or requiring any modifications on the applications, thus reducing the total cost of ownership.
Static tunnels: Tectia Client can also be used for application protection using the static tunneling feature. As opposed to transparent TCP tunneling, static tunnels are configured so that an application connects to a local port running Tectia Client, and the Client tunnels the application to a specified remote host.