Resources
Articles & Tips
White Papers
|
VShell® 3.9 Server for Windows and UNIX
Whether your needs focus on remote access and administration or secure file transfer, the VShell server has a full range of capabilities that enable you to:
- Provide strong, multi-protocol security for data in transit
- Control user access to features and files
- Set up and configure easily
- Monitor and log events with automation support
- Tune licensing to your requirements with connection-based editions
|
 |
 |
New in VShell 3.9
|
WIN |
UNIX |
|
| FTP over SSL (FTPS) server now available on UNIX |
VShell on UNIX now provides the same optional FTP over SSL protocol
support as available in VShell for Windows. VShell with FTPS provides
secure file transfer using the FTP protocol in which all data sent or
received is protected by SSL/TLS based encryption. |
|
|
| Configure virtual root file and folder permissions |
Use VShellConfig command-line utility to configure specific file and
folder access permissions on a per-user, per-root basis. |
|
|
| Control server access with subconfigurations |
Use VShell subconfigurations to specify connection filters on a
per-user or per-group basis. |
|
|
Key Features
|
WIN |
UNIX |
|
| Multiple virtual
root directories |
The VShell virtual root capability lets you assign different root directory access points to users or groups.
|
|
|
| Windows account integration |
Native integration with Windows user accounts and groups (local and domain). Control access to VShell functionality.
|
|
|
| Access control |
Grant access
to VShell services by authorized users or groups. On an individual or
group basis, allow or deny access to VShell services such as shell,
SCP, SFTP, FTPS, and port forwarding.
|
|
|
| Authentication
choices |
Choose from a number of
authentication mechanisms including public key, Kerberos, and X.509
digital certificates to create a more secure two-factor authentication
strategy. (X.509 support is not
available for Mac OS X, FreeBSD, 64-bit Ubuntu, or 64-bit Red Hat Enterprise Linux.)
|
|
|
| FTPS option |
Choose between Secure Shell SSH2 and FTP over SSL according to your network standards.
|
|
|
Back
to Top
Secure File Transfer
|
WIN |
UNIX |
|
| SCP file
transfers |
SCP file transfers using clients
operating as a secure RCP replacement that forwards a remote execution
request to SCP over SSH2 (not SFTP). Honors settings for logging,
ACLs, and SFTP roots. |
|
|
| Automated secure file
transfers |
Use vcp, vsftp, vsh, or any
SFTP or SCP2 clients to automate and schedule unattended file transfers.
|
|
|
| Internal User Database |
Configure VShell-specific users through the new VShell
Control Panel User Database page. These VShell-defined users are separate
from Windows System accounts. |
|
|
Back
to Top
Remote Administration
|
WIN |
UNIX |
|
| Administer servers remotely and securely
|
Securely access and administer
web, mail, database, and application servers.
|
|
|
| Accomplish common administrative
tasks |
With existing secure shell
utilities, add new users to the network, check print queues, and
control services. Use text-oriented editors (e.g.,
EDIT and vi) to edit files on the remote system.
|
|
|
| RunAs Commands |
Give VShell users permission to remotely execute
commands as a different user without full admin privileges. The administrator controls
who can remotely execute commands, which
commands are executed, and what account is used. |
|
|
| Start unattended batch
jobs |
VShell support for remote
command execution allows unattended jobs to be started with any
Secure Shell (SSH2) client.
|
|
|
Back
to Top
General
|
WIN |
UNIX |
|
| SSH2 support |
VShell SSH2 support offers
cross-platform security when connecting from remote
clients for shell, file transfer, or port forwarding access. Connect with Secure Shell clients including SecureCRT,
SecureFX, and a wide variety
of other standard tools.
|
|
|
| Data encryption |
Encrypt the data using a wide selection
of ciphers including 3DES, Twofish, Blowfish, AES-128, AES-192,
and AES-256. RSA and DSA public-key
authentication methods are also supported.
|
|
|
| Data integrity |
Message authentication codes (MACs) protect the integrity of
each message sent over the network (preventing replay
or insertion attacks).
|
|
|
| Data compression |
Configurable data compression helps improve transfer speeds over slower network links.
|
|
|
| Host identity verification |
Unique server host key proves
its identity to a client as a "known" host (preventing
a man-in-the-middle
attack).
|
|
|
| Port forwarding |
Forward TCP/IP ports to securely
access standard data traffic like POP3 and SMTP over the internet
and intranets through a single, secure, multiplexed channel.
|
|
|
| Deny Host
file |
VShell
for Windows now tracks failed authentications by IP address. Once an IP address has been added to
the Deny Hosts file, VShell will not allow future connections from
that address. |
|
|
| Jail shell |
Two configuration options,
ChrootUsers and ChrootGroups, combine to restrict users and members
of groups to their home directory with any shell, SFTP, or subsystem
operation.
|
|
|
| IPv6 support |
Transparent support for IPv6 allows you to move to the new protocol whenever you are ready. (If you need IPv6 support for AIX 4.3 or HP-UX
11 - let
us know).
|
|
|
| Pass-through printing
support |
Pass-through printing allows
a remote host program to print on the printer attached to your
local terminal (or PC running terminal emulation).
|
|
|
| Command-line utilities |
Automate
routine tasks using command-line utilities: vsftp for an interactive
SFTP command line, vsh for command-line shell access, vcp for command-line
file transfer, vkeygen to generate public/private keys, and vpka to upload keys to the server.
|
|
|
| VRALib API for scripting SSH2 sessions |
The VRALib API allows scripting of SSH2 connections through a
Windows COM interface. Supported operations include full control over SSH2 connections, sending a
command to an SSH2 server and getting the output produced by the command, tunneling/port forwarding,
file transfers using SFTP, remote file management, adding host keys to a host key database, and
adding keys to the SSH2 authentication agent.
|
|
|
| Mouse support |
VShell provides mouse support
for character-based applications running in a command window.
|
|
|
Back
to Top
Server Configuration
|
WIN |
UNIX |
|
| General server configuration |
Configure general server options
like listening port, keepalives, idle timeout period, and command
shell. |
|
|
| Windows Control Panel |
Configure VShell for maximum
security through an easy-to-use graphical control panel.
|
|
|
| VShellConfig utility |
A Windows command-line utility that allows editing of virtual roots, access control lists (ACLs), and the VShell user database. VShellConfig can import and export configurations to save time when backing up or moving VShell.
|
|
|
| Filters |
Configure which hosts can connect
by IP address, hostname, or netmask; configure which port forwarding
requests are allowed.
|
|
|
| Idle timeout option |
Allows timing out sessions
after a configurable idle time.
|
|
|
Back
to Top
User Authentication
|
WIN |
UNIX |
|
| Secure user authentication |
Control access to servers and
networks using existing usernames and passwords or choose other enterprise-wide authentication methods.
|
|
|
| Authentication settings |
Configure authentication options
by limiting the number of failed attempts, setting a timeout period
for completed authentications, and setting the required authentication
methods.
|
|
|
| Allowed/required list
for authentication methods |
Specify which
authentication methods are allowed or required when users connect
to the server: password, public key, GSSAPI or keyboard authentication.
|
|
|
| Kerberos v5 authentication
via GSSAPI |
Kerberos via GSSAPI increases interoperability while enhancing the
security of enterprise-wide network authentication.
|
|
|
| Public key-only authentication |
Automate unattended file transfers
and batch jobs. Can also streamline logon process for users.
|
|
|
| Keyboard interactive authentication |
Keyboard-interactive
allows you to customize authentication using PAM plugins. PAM plugins
can, for example, enable password expiration enforcement policies
or the use of SecurID cards.
|
|
|
| RADIUS server
support for SecurID authentication |
VShell for Windows allows authentication through
RADIUS servers using SecurID or other methods. RADIUS support is
implemented through keyboard-interactive authentication.
|
|
|
| X.509 certificate authentication
method |
Comply with organization-wide
PKI policies designed to protect critical information and overcome
identity theft and electronic fraud. (X.509 support is not
available for Mac OS X, FreeBSD, 64-bit Ubuntu, or 64-bit Red Hat Enterprise Linux.)
|
|
|
Back
to Top
Logging & Monitoring
|
WIN |
UNIX |
|
| Monitor active VShell sessions |
VShell Monitor is a real-time connection monitoring tool that allows an administrator to view active connections to the VShell server. |
|
|
| Server message logging |
Selected server messages may be logged in the VShell log file, sent to the Windows system log or a remote syslog/syslog-ng server. Message groups include errors, warnings, informational,
connection, authentication, SFTP, port forward, debug, LSA, and FTPS.
|
|
|
| Windows event log |
VShell error and warning messages as well as selected other message groups are sent to the system event log.
|
|
|
| syslog support |
All log messages can be sent to a remote syslog or syslog-ng server. |
|
|
| W3C logging option |
The W3C extended log file format option allows the use of third party log tools to analyze VShell activity.
|
|
|
| Automation triggers |
Configurable trigger conditions allow automated responses to server events: login, logout, upload, and download, also file/folder create, delete, and rename.
|
|
|
Back
to Top
VShell Editions
|
WIN |
UNIX |
|
The VShell and VShell with FTPS servers are available
in editions designed to meet the needs of every size network
and organization. All VShell editions offer the same capabilities but
allow you to control costs by deciding how many concurrent connections
you need.
|
| VShell Administrator
Server |
Allows two concurrent client
connections, and is designed primarily for remote system administration
use.
|
|
|
| VShell
Workgroup Server |
Allows ten concurrent
connections, and is intended to serve the needs of a substantial
group of users.
|
|
|
| VShell Enterprise Server |
Supports an unrestricted number
of concurrent connections for a large user community.
|
|
|
| VShell
Server with FTPS |
VShell with FTPS adds an SSL-based file transfer encryption to provide a protocol alternative. It is also available in Administrator, Workgroup, and Enterprise editions.
|
|
|
| VShell Custom Server |
VShell Custom Server allows
large customers to deploy VShell with custom configuration of certain
options. For more information on the VShell Custom server please
contact VanDyke
Software Sales
|
|
|
Back
to Top
Support
|
WIN |
UNIX |
|
| Try before
you buy free evaluation copy |
Official software
releases can be downloaded and evaluated for 30 days without charge.
|
|
|
| Open beta software releases |
Beta software releases can
be downloaded and evaluated for 30 days without charge.
|
|
|
| One-year software updates |
All registered users receive
a year of software updates.
|
|
|
| One-year technical support |
All registered users receive
a year of technical support by e-mail from VanDyke Support.
|
|
|
| Software maintenance available |
Software updates and support
are available after the first year.
|
|
|
Back
to Top
Standards
|
WIN |
UNIX |
|
| FIPS 140-2
support |
VShell uses a FIPS
140-2 validated cryptographic library. VShell can be installed
in "FIPS Mode", which allows only FIPS-approved algorithms.
|
|
|
| U.S. Rehabilitation
Act Section 508 compliance |
Section 508 requires Federal agencies to make
their electronic and information technology accessible to people
with disabilities. VShell Server has been registered as a compliant product
with the Section 508
database. Voluntary Product Accessibility Template (VPAT) documents
detailing this compliance are available in Acrobat PDF
format here: view the VShell Server
VPAT.
|
|
|
Back
to Top
|
