BastionXP is a Public Key Infrastructure (PKI) / Certificate Authority (CA) that creates, signs and distributes SSH, SSL/TLS X.509 certificates to servers and end users upon successful SSO login and 2FA authentication via OAuth providers such as GitHub, G-Suite, Microsoft Office 365, Okta and more.
BastionXP automates certificate management at scale, while simplifying your end-user workflow without compromising security.
BastionXP also has a built-in SSH proxy server that can be configured to function as an SSH bastion host. BastionXP works seamlessly with OpenSSH server and client software.
BastionXP offers Zero Trust Network Access(ZTNA) Security. All servers and end-users are required to authenticate with the BastionXP Authentication Server using an SSO and 2FA login, before access to the network can be granted.
BastionXP issues short-lived SSH, TLS/SSL X.509 certificates to end-users so that no user would have an indefinite access to any network resource. Moreover, these certificates, issued to a specific user based on Role Based Access Control(RBAC) can be used to access only a specific server(s) in the network. BastionXP provides you fine-grained control over who can access what resources in a network and for how long.
All network access events are logged and available for download, so that the logs can be analyzed using a log analyzer for anamoly detection.
BastionXP solution is available in three different formats:
Software | Features | Best Suited For |
---|---|---|
Free Software Version | Limited features & best-effort support | Hobbyists, educational purposes and non-commercial use cases. |
Cloud-Hosted Version | All enterprise features & priority customer support | Small teams and Startups. |
Self-Hosted Version | All enterprise features & priority customer support | Enterprises and Large Organizations. |
Twingate is a secure remote access solution for an organization’s private applications, data, and environments, whether they are on-premise or in the cloud. Built to make the lives of DevOps teams, IT/infrastructure teams, and end users easier, it replaces outdated business VPNs which were not built to handle a world in which "work from anywhere" and cloud-based assets are increasingly the norm.
No features have been listed yet.
Smallstep Certificates - A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
OpenVPN - OpenVPN - The Open Source VPN
Teleport Database Access - Instant, secure, & privileged access to Postgres and MySQL
NordLayer - NordLayer is a business-oriented stress-free cybersecurity solution enabling organizations to establish secure access to the internet, company network and resources and help accomplish compliance requirements for any way of working.
OpenXPKI - OpenXPKI is a software stack that provides all necessary components to manage keys and certificates...
TailScale - Private networks made easy Connect all your devices using WireGuard, without the hassle. Tailscale makes it as easy as installing an app and signing in.