Bastion Hub

Managed Privileged Access

Bastion Hub provides a single, secure portal through which users can use Bastion Hosts to access all the remote networks that they are authorised to access. Access to the portal is via Transport Layer Security (TLS) from authorised endpoints only.

Your first line of defence.

As the development of all technology and networking advances, businesses are enabled more than ever to streamline delivery of services, especially services regarding IT infrastructure. The implementation of hosting strategies that include multiple Cloud platforms, on-premise infrastructure and everything in between has presented businesses with a number of challenges. One such challenge relates to managing access to all the different environments consistently and securely, with a workforce expecting location flexibility.

Emerging trends are being identified as moving towards remote and home-based working. Previously such remote production was exclusively for organisations who have invested into preparation and support for such circumstances. Cubelus has developed its bespoke solution to ensure that businesses can support any additional requirements for secure remote and access to their sensitive servers. This in turn enables an uncompromised approach to continuity of services during traditionally disruptive circumstances.

Our Product.

Cubelus has developed a solution called Bastion Hub which enables the secure access to an unlimited number of environments hosted on any platform from a single browser-based portal. IT Administrators and other users including but not limited to developers and testers can now be given access to a wide range of environments through a portal that enforces access control, security monitoring and a wide range of other security controls.

Is it Secure?

Yes. It has been designed by NCSC certified architects and uses industry best practices throughout. BastionHub has been designed to be easily accreditable by Risk Owners in regulated industries such as Financial Services and high assurance environments such as Central Government.

All data is encrypted. Full Disk Encryption is used for Bastion Host storage. A Just-In-Time VPN will allow the user’s Bastion Host access to the remote network. The VPN is terminated once the Bastion Host is no longer in use. This means that there is never a permanent link to the remote network.

Access Control is enforced on a deny by default, allow by exception basis. The Portal enforces Least Amount of Privileges and Zero Trust. Users are only given access to the Bastion Hosts they are assigned and those Bastion Hosts can only be used to access designated remote networks. User events within the Portal are logged and a video recording is created of the user’s remote session on each Bastion Host. These recordings cannot be interfered with by the user. A Global Admin or SOC team can view sessions in real time to monitor compliance.

320 Firecrest Court Centre Park, Warrington, United Kingdom, WA1 1RG Company number: 10485659

© Copyright 2021 - present