Announcing Keeper Connection Manager (KCM): Privileged Access to Remote Infrastructure with Zero-Trust and Zero-Knowledge Security
Craig Lurey on
May 04, 2022
Share this blog
The mass migration to distributed work presented IT and DevOps teams with new challenges as they were forced to perform infrastructure monitoring and management remotely. IT and DevOps personnel needed a secure, reliable, and scalable way to remotely connect to their machines that is easy to manage.
Keeper Connection Manager provides DevOps and IT teams with effortless access to RDP, SSH, databases and Kubernetes endpoints through a web browser. KCM is an agentless remote desktop gateway that can be installed in any on-premise or cloud environment.
KCM is agentless and clientless. End users interact with remote desktops via a secure session from their web browser, and there are no special plugins or client software to install and maintain. In addition to all major desktop web browsers, KCM fully supports iOS and Android web browsers on mobile and tablet devices, where users enjoy access to the same capabilities as they have when accessing systems from a desktop, including RDP and SSH sessions.
To access a remote machine, DevOps and IT personnel simply click on the server or desktop you want to access from the interface. Because KCM is integrated with Keeper’s market-leading rated enterprise password and secrets management solution, all passwords and SSH keys can be protected in an encrypted vault. All traffic passes through a secure, authenticated gateway, and desktops are never exposed to the public Internet. In addition to minimizing administrative overhead and simplifying the user experience, KCM offers superior connectivity and performance compared to VPNs, which are notorious for their sluggishness and poor reliability.
Once authenticated and logged in through KCM, all user activity occurs behind the enterprise firewall, ensuring that users working remotely have the same protection from corporate security systems that they would if they were working in a physical office environment. Additionally, organizational data is stored on the enterprise network instead of on local machines, allowing data to be properly backed up and secured and minimizing the risk of data loss or leakage.
Zero-Trust Remote Access to Privileged Systems
Keeper Connection Manager allows administrators to provide access through RDP, SSH, VNC, MySQL and other common protocols, without having to share credentials with end users. Fine-grained controls enable administrators to provide access to the entire system – or just one machine. Access can be revoked at any time, and a robust audit trail identifies when and how the system was used.
For auditability purposes, KCM supports both video recordings of connection sessions and (for certain connection protocols) typescript recordings that record only the text sent to the client machine. Because these recordings are stored within Keeper Connection Manager, and not on end user machines, recording integrity is assured; threat actors cannot modify or delete them.
Rapid Deployment & Minimal Maintenance
KCM offers several flexible installation options using Docker or RPM, with authentication modules for popular databases and AD/LDAP. Out-of-the-box, KCM supports SSH, VNC, Kubernetes, MySQL databases and RDP. There are no agents, your web browser is the client, and there is no impact on your domain controllers or other services. Desktop images are easily standardized, and updates to desktops and applications can be automated.
KCM includes additional features such as session collaboration, copy-paste, mobile/tablet viewers and optimized communication protocols to deliver users an experience that is similar in performance and responsiveness to using a local resource.
Fully Integrated with Keeper’s Cybersecurity & Encryption Suite
In addition to being fully integrated with the Keeper EPM and Keeper Secrets Manager, KCM is incorporated into the Keeper Web Vault, Desktop App, and Admin Console, with further integrations into Keeper’s Advanced Reporting and Alerts Module (ARAM), BreachWatch, Webhooks, SIEM integration and compliance tools coming soon.
The addition of Keeper Connection Manager to the Keeper cybersecurity and encryption suite provides organizations with modern, enterprise-wide visibility and coverage for Privileged Access Management (PAM).
Craig Lurey is the CTO and Co-Founder of Keeper Security. Craig leads Keeper’s software development and technology infrastructure team. Craig and Darren have been active business partners in a series of successful ventures for over 20 years. Prior to building Keeper, Craig served at Motorola as a software engineer creating firmware for cellular base station infrastructure and founded Apollo Solutions, an online software platform for the computer reseller industry which was acquired by CNET Networks. Craig holds a bachelor’s degree in Electrical Engineering from Iowa State University.
Get the latest cybersecurity news and updates sent straight to your inbox
Share this blog
You May Also Like
Introducing 24-Word Recovery Phrases – The Most Secure Recovery Method
Keeper Security continually invests in new, more robust technologies to counter emerging threats. That’s why Keeper is upgrading our account recovery process via a new and more secure 24-word "recovery phrase" feature, replacing the current user-customizable...