BastionXP is a Public Key Infrastructure (PKI) / Certificate Authority (CA) that creates, signs and distributes SSH, SSL/TLS X.509 certificates to servers and end users upon successful SSO login and 2FA authentication via OAuth providers such as GitHub, G-Suite, Microsoft Office 365, Okta and more.
BastionXP automates certificate management at scale, while simplifying your end-user workflow without compromising security.
BastionXP also has a built-in SSH proxy server that can be configured to function as an SSH bastion host. BastionXP works seamlessly with OpenSSH server and client software.
BastionXP offers Zero Trust Network Access(ZTNA) Security. All servers and end-users are required to authenticate with the BastionXP Authentication Server using an SSO and 2FA login, before access to the network can be granted.
BastionXP issues short-lived SSH, TLS/SSL X.509 certificates to end-users so that no user would have an indefinite access to any network resource. Moreover, these certificates, issued to a specific user based on Role Based Access Control(RBAC) can be used to access only a specific server(s) in the network. BastionXP provides you fine-grained control over who can access what resources in a network and for how long.
All network access events are logged and available for download, so that the logs can be analyzed using a log analyzer for anamoly detection.
BastionXP solution is available in three different formats:
Software | Features | Best Suited For |
---|---|---|
Free Software Version | Limited features & best-effort support | Hobbyists, educational purposes and non-commercial use cases. |
Cloud-Hosted Version | All enterprise features & priority customer support | Small teams and Startups. |
Self-Hosted Version | All enterprise features & priority customer support | Enterprises and Large Organizations. |
No features have been listed yet.
Based on our record, Azure Multi-Factor Authentication seems to be more popular. It has been mentiond 2 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
This is the answer, more detail: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks. Source: about 2 years ago
Make sure that you back-up the active app-configuration, this way you have an easier way to recover; make sure you are allowed to verify using more than an authenticator, more here. Source: about 3 years ago
Google Authenticator - Google Authenticator is a multifactor app for mobile devices.
Smallstep Certificates - A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Authy - Best rated Two-Factor Authentication smartphone app for consumers, simplest 2fa Rest API for developers and a strong authentication platform for the enterprise.
Teleport Database Access - Instant, secure, & privileged access to Postgres and MySQL
Duo Security - Duo Security provides cloud-based two-factor authentication. Duo’s technology can be deployed to protect users, data, and applications from breaches, credential theft, and account takeover.
OpenXPKI - OpenXPKI is a software stack that provides all necessary components to manage keys and certificates...