25101.jpg

Engineered for Remote and Secure Productivity

A Remote Access, Authorization & Security System that powers real-time Cognition, Detection & Response.

  • User specific device access

  • User management and permission

  • Data centre access

  • Secure file transfer capabilities

  • Temporary, role-based access for third parties 

  • Privileged access to OT endpoints 

A crucial and immediate need for modern enterprises is a solution that grants clear and direct access to every component in their IT infrastructure (often spread across public and private clouds) while simultaneously ensuring granular access controls, monitoring and recording of all actions with real-time control over every privileged session.
iStock-693644010_comp.jpg
3074_comp.jpg
Infraon SecuRA offers you a multi-pronged approach to “Remote Security and Access” – one that gives you exhaustive and complete control over your IT infrastructure, no matter how complex and distributed. Administrators can now easily authorize user specific access to devices on the network and even approve what commands can be fired through it. Infraon SecuRA is web-based and offers users a “Remote Access, Authorization & Security System” that enables privileged session management for regulating access to remote systems through secure channels from a unified console. 

Typical remote access use cases addressed by Infraon SecuRA

Secure and audited access of the Network Core via CLI protocols (SSH and Telnet) - These can be on-premises, at the edge, in the cloud, and hybrid environments – all controlled from a single console across multiple users with different privileges. A direct Single Sign On with no exposure to username and password is possible to these devices. 

Remote work facilities – Wouldn’t it be easy to easily span and manage the entire workforce by enabling privileged access to sensitive corporate systems through secure CLI sessions. SecuRA also offers granular access controls for enterprise system administrators to provide users with just enough privileges to access the required devices and the commands they can execute in those given devices.

Remote access to the network via the CLI jump server - The CLI connection to the end device would always be initiated from the secuRA server and not from the client’s device. This create a boundary of security and provides much higher protection levels. In the event of any compromise of the client’s device, it is never carried forward. 

Temporary, role-based access for third parties – These can be granted for contractors, vendors, and outsourced employees to access networks and servers without the need for privileged credentials. Using SecuRA administrators can create custom roles for them with just the right access to conduct their tasks, while recording, logging, and monitoring their activities.

Collaborative session settings - For administrators to join an ongoing remote session with a single click for brainstorming, and also offering assistance to users while monitoring their activities during troubleshooting sessions.

Session monitoring – This helps promote organizational transparency while providing IT administrators with the ability to view and, if necessary, interrupt and terminate an active session. Easily record every user session with playback capabilities for forensic audits.

Conduct Audits – Gain clear insight into what has changed and which user/s have made changes in an easy searchable format. 

Configure Scheduled Jobs: The administrator can write CLI scripts and scheduled them to be executed by the system. The system allows complex condition based scripts to be executed. 

Command Restrictions: Restrict commands that are potentially dangerous and unauthorised made by unwitting users. 

Secure file transfer capabilities: Ensures that all files transferred over the network are clear and secure. Any files that are suspect or infected are denied access. 

Infraon SecuRA – Powerful Features

Infraon SecuRA offers you a rich feature set and myriad options to enable your RSA. Please go through our feature list to know more.

Powerful & Versatile Features

 

Try Infraon SecuRA

If you would like to take Infraon SecuRA for a trial run before making a purchase, please do so by filling out the details below.

Please note: The free version offers you five nodes/devices for one year.

The free version includes twelve months of maintenance (upgrade entitlements) and email support

Infraon SecuRA User Assistance

Welcome to the Infraon SecuRA user assistance section. Here you will all pertinent technical documentation and help documents and videos that will help to tackle any issues you may have. If you still need further assistance, please don’t hesitate to reach out to us support.infraon@everestims.com

Infraon SecuRA Operations Guide

Infraon SecuRA Pre-Requisites and Troubleshooting Guide

eBrochure

Infraon SecuRA Help Videos

SecuRA Presentation

1. Product Queries

1.1.  What is Infraon SecuRA? 2. What is Infraon SecuRA?


Infraon SecuRA, powered by EverestIMS is a Remote Access system for networks and servers (CLI based). It comes with built-in Authorization, Authentication and Job Scheduling modules to help the administrators secure the network’s remote access.

SecuRA's web portal-based system enables the Network Administrator to control access of a user to a selected set of devices and manage the same by restricting activities that can be performed by the user within the system. Restrictions can be both time and command based. All user activities can be monitored in real-time and audited anytime.

In addition to the above features, SecuRA facilitates running scheduled Jobs and performing remote file management in a secured manner.




1.2.  How can SecuRA help you? 2. How can SecuRA help you?


Infraon SecuRA console helps users take quick access to devices and perform operations in a safe and efficient manner. The SSO feature on access management eliminates the necessity of users remembering (or note down) all devices credentials.

Organizations do not need VPN configurations in order for the vendor(s) and partner(s) accessing their network to provide support to the devices. With the help of Infraon SecuRA vendors and partners can be enabled secured access to devices (with complete audits) for support activities.




1.3.  What are the devices/Vendors supported by SecuRA? 2. What are the devices/Vendors supported by SecuRA?


Infraon SecuRA supports SSH, Telnet & SFTP protocols which covers a wide range of devices like systems, servers, applications, routers, switches, firewalls, Cameras etc., covering a global range of makes and models.




1.4.  Is there a trial version available for evaluation?  2. Is there a trial version available for evaluation?


Yes. SecuRA Pro Version with fully enabled features is available as a trial version. This can be used for 5 devices and 1 user up to a year. Request extension of trial for additional years by contacting our support or sales team prior to the end of your trial period.




1.5.   What are the support options available for the trial version?


Email support is available for the first 3 months of the Trial period. Support starts from the date of product registration.




1.6.    What are the Licensing options available?


Licensing of SecuRA is based on the count of devices/nodes that are to be managed through SecuRA.




1.7.     How can I purchase SecuRA? What are the payment options?


Infraon SecuRA License can be purchased online and from our website or offline by contacting our sales team. You can pay online through PayPal and PayU. Alternatively, you can also wire transfer the payment to our company account.

Get in touch with our Sales team now




1.8.      Can I go through the documentation before I buy?


Gladly. The complete documentation is available online on our website. Feel free to go through or download the same.




1.9.       My online purchase was successful. However, I have not received the License file.


Please get touch with our Sales team. They will help you with the License files.




1.10.        I have misplaced the License.txt file. Is it possible to retrieve it?


Yes. It is possible to retrieve the license file. Please get touch with our Sales team for the same.




1.11.         Can I use the same license file to reinstall SecuRA on my other device?


No. The license file is valid for a single machine only. You will need to re-request for license file.




1.12.          I see that there has been an update on SecuRA since my purchase. How can I purchase/update to the latest version of SecuRA?


Once you have purchased the license, updates can be download directly from our site and updated on your machine. Details of updates and the steps to update would be explained on the website.




1.13.          What are the support options available for the trial version?


Email support is available for the first 3 months of the Trial period. Support starts from the date of product registration.




1.14.          an I purchase copies of older versions of SecuRA?


No. Older versions will not be available for purchase.




1.15.           I am an existing customer of SecuRA. Can I get any discount for repeated purchases?


Of course. Please reach out to our sales team to know your eligibility for discounts. They will be helping you with SecuRA Promo codes for discounts.




1.16.            What are the Refund and Cancellation Policies?


Since there is a fully free version of SecuRA Pro available for evaluation, there is no refund or cancellation on the product. If you are facing any issues, our support team would help rectify the same.




1.17.             Where can I find the License information?


The license information is available in the license page of Infraon SecuRA and in the email containing the license file.





2. Login Queries

2.1. I have forgotten the default password given by the Network Administrator. What are my options to reset?


Yes. Click on the 'Forgot Password' option located on the Login page. Type in the username and email address (both are mandatory fields) to receive an email to reset your password. If you have trouble remembering your username or the registered email address, please get in touch with your network administrator.




2.2.  How many attempts of incorrect username/Password trials are allowed on SecuRA?


By default, SecuRA allows two trials of incorrect input to login. This however can be changed by your network administrator.




2.3. How can I change my account's password?


User can change password using the 'Change Password' option within User Account (grouped under the User Management module i.e. on the left panel).




2.4.  Why am I asked to reset my Password frequently?


Infraon SecuRA prompts the user to change password on the below occasions:

  • When the user logs in for the first time - for security reasons
  • When there has been a change in the Password Policy - updated by the Network administrator to comply with the changes in internal or external policies.
  • When password is due for change as mandated by the network administrator (once every 'x' days).




2.5.  Is there an option to disable captcha from the Login page?


Yes. Change the value for 'CAPTCHA_LOGIN' as "0" on System Parameters page. System Parameters grouped under Manage menu can be accessed by clicking on the top panel). Access to this module may be restricted for some users.





3. Discovery Module

3.1. What are the multiple ways to import Devices onto Infraon SecuRA?


There are three ways to import network devices onto SecuRA.

  • Add a Device - used to add device individually
  • Automatic Discovery - To discover devices automatically
  • Device CSV Upload - used to import devices using CSV file

Automatic Discovery & Device CSV Upload are features of Infraon SecuRA Pro only.




3.2. I am unable to see only 'Add Device' within the Discovery module.


Looks like you are using the Standard version of Infraon SecuRA. Automatic Discovery & Device CSV Upload are features of Infraon SecuRA Pro only.




3.3. Does SecuRA support discovery of existing devices?


Yes. Discovery of existing devices is possible with Infraon SecuRA Pro version.




3.4. Some of the devices are discovered with no additional information. Why?


Additional Device information is extracted from device(s) during discovery process. This is only possible when the devices are reachable through SSH or Telnet. If information is missing, rediscovering the devices using SSH/Telnet. If you are using Infraon SecuRA standard, the device must be deleted before attempting discovery.




3.5. Once the devices are added onto SecuRA, will I be able to edit Device information?


Yes. Click on the Device from 'Device View' or 'Device Grid' page to edit device information like IP address, Asset ID, Product Type, Service Type etc...




3.6. Where can I see the results of Discovery?


In general, results of Discovery can be viewed on 'Device Grid' & 'Device View' pages. Discovery failure details will be displayed in real time, on the discovery page and also within the 'Audit' section of Infraon SecuRA.




3.7. Can I edit device information in bulk?


Yes. Click on 'Device Inventory Update' icon, located on the Device page to use the CSV file to perform edit operation in bulk.





4. Devices Module

4.1. Why are some of my SSH/Telnet icons in grey and some blue in colour?


Users can use SSH and Telnet icons from the Device View page to establish Single Sign On (no additional authentication required) remote connection with the selected device. When users are authenticated by the network administrator, the icons are highlighted in blue. However, users can connect to devices by clicking on the grey icon and providing 'Access Reason’.




4.2. How can I access devices that are not SSO enabled for me?


There are three options to connect to a device. However, all of them requires the user to state a reason to establish connection with the device.

  • From the Device View page, click on the respective icon (SSH/Telnet), state reason to access and click 'Connect'.

  • From Device page, click on (SSH/Telnet), state reason to access and click 'Connect'.

  • Alternatively, click on ('Device Grid' page) and select SSH/Telnet accordingly, state reason to access and click 'Connect'.




4.3. When I click on SSO icon, I do not see anything happen. Why?


If you are authenticated to SSO to the device, SecuRA should immediately establish the CLI connection. If not, it is possible that the device is not reachable, please contact your Network Administrator.

If SSO is not enabled, a pop-up screen is displayed for the user to request connection by stating the reason. Ensure that your browser is enabled to allow Pop-up messaged from 'Infraon SecuRA'. If none of the above seems to help, please contact your Network Administrator.





5. CLI Session

5.1. My requests to initiate CLI connection was not successful. Why?


There are multiple reasons that can cause this. Ensure that the port is not blocked by firewall. See if the device is reachable by 'Ping'. Check if SSH/Telnet is enabled in the device you are trying to establish a connection with. If you are still unable to establish a connection, please contact your network administrator.




5.2. Can I access multiple systems at the same time? Is there a limit on Concurrent connections?


Yes. Users are allowed to access multiple systems at the same time. There is no limit on concurrent connections.




5.3. Does SecuRA support GUI Remote Access?


This feature is currently under development and will be available in the upcoming releases.




5.5. My connection ended abruptly. I am not sure if the changes were executed.


Try to re-establish connection and use 'show' command to view the current configuration of the Device. Configuration changes can be noticed to know of changes were executed.




5.3. Does SecuRA support GUI Remote Access?


This feature is currently under development and will be available in the upcoming releases.




5.6. Every time I try to execute a command, my connection ends. Why?


If a user tries to execute non permitted commands (as defined by the administrator), the session ends repeatedly. Check with your network administrator to request access to execute the specific command.




5.7. Why am I not able to execute a specific command?


It is possible that the Network Administrator has blocked these commands from being executed. Check with your network administrator to request access to execute the specific command.





6. Configuration Profile

6.1. What is a Configuration Profile and why is it needed?


Configuration Profiles are created and managed by network administrators to save device information like name, vendor, model, OS and connection protocols that are needed to establish a connection with the device using SSH/Telnet.




6.2. Why do I need multiple Configuration Profiles?


Multiple Configuration Profiles are used required to support devices across multiple makes and models. Profiles can be edited, or new profiles can be created, based on the device requirement.




6.3. Can I make changes to a Configuration Profile?


Yes. Click on the Configuration Profile Name to make changes to the profile. Remember to save the changes.





7. CLI Session

7.1. What is Upload Job?


Upload Job is created by user to make specific configuration changes on selected devices using Infraon SecuRA. Users can add details like Job description, add commands within Task details, add a schedule and select access control details. User can review the details before submitting the same for execution.




7.2. Where can I view the details of the executed 'Upload Job'?


Click on the icon on the Upload Job page to view the report.




7.3. Is it possible to make changes to 'Upload Job' after it is saved?


Yes. However, changes can be done only before or after the Job execution not while the job is 'In-Progress'.




7.4. Why is my Job not being executed?


Check job Schedule (Date & Time). Make changes if you would like to change execution schedule.




7.5. The changes I have made in the Configuration Template aren't being applied when 'Upload Job' is executed. Why?


Changes (Commands) added to the configuration template (after being linked to the Job') will not be executed. Edit job by making changes to the template attached to the job or re-select the template.





8. Configuration Template

8.1. What is a Configuration Template?


Configuration Template is used to write and store commands that are required to be executed on devices within the network. A number of Configuration Templates are pre-configured on Infraon SecuRA.




8.2. Can I add new Configuration Templates? What do I need to know to create a new Template?


Yes. Configuration Template can be added to suit the requirement. The user only needs to have knowledge of prompts to achieve the expected output.




8.3. What are the command template variables used in Infraon SecuRA?


SecuRA supports multiple types of substitution objects for Variable substitution within configuration template. They are:

  • Runtime object
  • Global object
  • Type object
  • Default object
  • Remark object
  • Optional object
  • Check object
  • LOCAL_SHELL object
  • Device object
  • Interface object
  • Job object
  • Profile object
  • Trigger object
  • Profile object
  • Time object





9. User Management

9.1. Why am I not able to see all the modules listen on the main page of SecuRA?


Access to SecuRA modules are based on Roles and Privileges assigned by your Network Administrator. The administrator has the privileges to grant access specifically to View, Add, Edit, Delete, Enable, Disable, Execute, Export actions. If you wish to access any module that you currently do not have access to, please get in touch with your administrator.




9.2. What is Password Policy? Why is it needed?


Access to Infraon SecuRA enables the user access other network devices and perform important configuration changes on them.

Password policies are a part of compliances and is required to secure access to your account and thereby securing the network given by your administrator. Infraon Password Policy module lets the administrator match with internal and external compliance policies.




9.2. Can I change the column information on SecuRA pages?


User Preferences page enables the user select information displayed on pages. By default, page information is based on the role assigned to the user.

The user can however customize page view by adding/removing information columns. At this point, information from the below pages can be customised:

  • Devices (Grid)

  • Upload Jobs

CLI Jobs





10. Reports

10.1. Are there any default Reports configured on SecuRA?


At this point of time, there are 5 default reports configured on SecuRA.




10.2. Is it possible to receive automatically generated reports on Device Configuration in my mailbox?


Offline reports can be configured to be delivered to the user’s mailbox.




10.3. What are the multiple types of reports available on SecuRA?


SecuRA contains pre-defined set of report widgets that can be used to create reports containing crucial information about the network. There are multiple Report Types available on SecuRA. They are

  • CLI Job Report
  • Change Job Trend Graph
  • Device CLI Job Statistics Report
  • Device Component Report
  • Device Interface Report
  • Device Upload Job Statistics Report
  • Network Inventory Report
  • Network Operations Report
  • Network Task Automation Report
  • Server Performance Report
  • System Audit Report
  • Upload Job Audit Report
  • Upload Job Command Summary Report
  • Upload Job Summary Report
  • User Activity Report
  • User Audit Report




10.4. Can SecuRA reports be exported?


Yes. SecuRA reports can be exported into PDF, Excel or CSV formats.





11. For Network Administrators

11.1. Why Infraon SecuRA?


For Network Administrators:

Infraon SecuRA helps Network Administrators secure the Organization’s infrastructure by:

  1. Defining Access - define user access to an individual device or group of devices, the time schedule when they can access and also authenticate SSO for Users thereby keeping the access passwords safe.
  2. Defining the Control on Access – define the control level of user access by permitting or denying specific commands and permit or deny file modifications by the user.
  3. Perform centralized Audits for all operations - SecuRA’s Advanced Script Execution helps admin perform provisioning of network devices in Bulk scale and context based.

In additional to the above:

  1. SecuRA modules like User Groups, Device Groups, Multiple selections helps administrators efficiently automate operations.
  2. Password Policy, Notifications on Script Executions, Reports and Dashboard modules give the administrator an insight of operations via SecuRA in Detail.

Organizations do not need VPN configurations in order for the vendor(s) and partner(s) accessing their network to provide support to the devices. With the help of Infraon SecuRA vendors and partners can be enabled secured access to devices (with complete audits) for support activities.

For Users:

  1. Infraon SecuRA console helps users to take quick access to devices and perform operations in a safe and efficient manner.

  1. The SSO feature on access management eliminates the necessity of users remembering (or note down) all devices credentials.

In a nutshell, Infraon SecuRA is for all Remote Users to manage the Devices securely.




11.2. What is the recommended hardware sizing required for Infraon SecuRA?


Hardware sizing is based on the number of devices that are planned to be managed through SecuRA. The recommended sizing are as follows:




11.3. How can I restrict user(s) from accessing devices other than the allotted devices?


Restricting user access on devices can be achieved by simply configuring a ‘Device Group’ on SecuRA.

Steps to group devices on Infraon SecuRA:
  1. From the left panel, click -> Device Group.
  2. Click ‘Add’ to configure a new device group.
  3. Provide a Name for the group (For ex. Vendor Users/Server123/XYZ)
  4. Select user(s) to enable Device Group access.
  5. Select conditions and filters to suit your requirement.
  6. Click ‘Save’

Infraon SecuRA supports grouping of devices with following parameters:

  • Device Details like Region, State, City, Location, Country, Hostname, IP Address, Vendor, Category, Product Type, Service Type, Series, Model, Device Type, OS Name, OS Version, Mac, Image File Name, EOL, EOS, Asset ID, Owner, Address ,Domain, Sys Object Id, Priority, Client, Poller ID, New OS Version, Contact Person, Email ID, Contact No, Service Tag, Connection Protocol, Protocol, Download Status
  • Login Profile (Device Credential’s name)
  • Configuration Profile (Configuration profile name)
  • Vulnerability (vulnerable status)

! Refer Infraon SecuRA Operations Guide for more details.




11.4. Is there a way to configure and manage Command control for user(s)?


Command control can be configured and managed through the ‘Authorization Profile’. Here Command Control can be managed using three options:

  1. Permit Commands – Command (sets) that are permitted for execution by the User/User Group. Commands that are not added in the ‘Permit’ section will be blocked at the time of execution.
  2. Deny Commands - Command (sets) that are denied for execution by the User/User Group. When a user tries to execute commands, which are mentioned in this section, SecuRA terminates the session or blocks the user and/or triggers a notification, as defined by the administrator.
  3. Ignore Commands – used to ignore inputs like password and other User credential input. For example: When a user tries to execute a Command, that requires authentication by the system, the user is prompted by the system to provide additional information. In this case, the system prompt must be added in the ‘Ignore’ section. If not, system runs the command through the Permit command list and may end up blocking the command/command set.

In addition to the above, the administrator can select the remediation actions when the user tries to execute command(s) restricted by the administrator.

  1. Terminate Session - The current CLI Session is terminated immediately.
  2. Block Command - Commands are blocked from being executed on devices.
  3. Execute and Notify – Commands will be executed and a notification regarding the change is triggered (administrator or manager or another user, as configured).

Note: Infraon SecuRA accepts command input in regex pattern only.

! Refer Infraon SecuRA Operations Guide for more details.




11.5. Can Infraon SecuRA be integrated with account management system like AD, TACACS or RADUIS?


Yes. Infraon SecuRA supports all the above Account management systems however the integrations are based on the license. A License with ‘External Directory’ feature must be purchased.

Procedure to establish connection between from Infraon SecuRA server to ACS is as follows:

From the left panel click -> ‘External Directory

Click ‘Add’ to add an Access Control Server (ACS).

Provide credentials to connect to the Server.

Use ‘Verify’ button to ensure that the connection from Infraon SecuRA server to ACS is successful.

‘Save’ the profile.




11.6. How can I limit user(s) access into the network device?


Infraon SecuRA’s Temporary Account feature can be used to give access to any user for a limited period. However, this feature is based on the license. A License with ‘Temporary Account’ feature must be purchased.

While adding a new user, select ‘Access Start and End Date’ and ‘Access Start & End Time’.

Note: Ensure that the account is assigned with the right Role & Privileges to manage control level of access.




11.7. How can I keep a track of changes performed by users across network?


Infraon SecuRA captures specifics of every users every activity across the network. ‘Audit trail’ component is used to perform the following checks:

  1. Automatically log all actions (user and administrator).
  2. Administrator can view Audit logs based on the filter criteria like Time Scale, User IP, User Name and Event Types etc.,




11.8. Is it possible to search for specific commands within the audit section?


Infraon SecuRA is integrated with ’live CLI session activity management’ feature which helps administrators search using commands and keep a track of users executing the same on devices.

CLI sessions can also be managed and monitored from the ‘CLI Jobs / Sessions’ grid page.




11.9. How can I prepare a report of Access Audits?


There are multiple default Report Types available on Infraon SecuRA. To generate a report of user access in SecuRA, use ‘User Activity Report’. This report provides a detailed record of all user activities carried out in SecuRA.




11.10. Can there be a limitation on running Network Scripts on multiple devices?


A network script (part of Configuration Template) is restricted to a single vendor. To use it on other vendors, a new template must be created. Most importantly, only a PRO user is allowed for multiple device script execution in a single attempt.




11.11. Does Infraon SecuRA support scheduling of Network Scripts on specific devices?


Yes. Scheduling of activities vary from performing only once at a specific time to daily, weekly, and monthly to suit the requirement.




11.12. How can I monitor the Server, Processor, and memory utilization of the server where Infraon SecuRA is installed?


Yes. Infraon SecuRA’s supports self-performance monitoring. ‘Server Performance Monitoring’ feature must be a part of the license purchased.





Frequently asked questions

Contact us

EVERESTIMS TECHNOLOGIES PRIVATE LIMITED

3rd Floor, Site no 14, Axis one 4 dollar Layout

15th cross,100 feet ring road, 4th phase,

J P Nagar Bengaluru-560078, Karnataka

Landmark: MG India Motor Showroom

Tel: +91 80 46567100   

Fax: +91 80 46567140

Email: sales@everest-ims.com

Get In Touch
  • Black Facebook Icon
  • Black Twitter Icon

Copyright © EverestIMS Technologies Pvt. Ltd. All rights reserved.

Everest Corporate Logo (New Color).png