How to Browse the Internet Securely by Tunneling through an SSH Server on the Cloud

The GSW Business Tunnel is a versatile and secure connectivity tool that allows you and your coworkers secure access to required network services that are often risky due to non-secure Tunnel_boxlocations or impossible due to firewall configurations.

With the GSW Business Tunnel, secure tunnels are built over a network between the Business Tunnel Software and an SSH Server. Each tunnel may contain one or more channels where encrypted traffic is encapsulated and is sent through an encrypted channel providing the security you need to confidently connect over a wifi network.

Scenario: Matt is on vacation, but his company needs him to run payroll today. He does not want to risk accessing payroll via non-secure internet access.

Solution: Matt can create a secure tunnel for his laptop to access his companies payroll website.Case: Matt is on vacation. But his company needs him to run payroll today. He does not want to risk accessing payroll via non-secure internet access. Matt can create a secure tunnel for his laptop to access his companies payroll website. He can securely browse the internet using the GSW Business Tunnel by using a generic SSH Server on the Amazon Cloud. By setting up the Tunnel, the Channel within the Tunnel and the browser configuration on your computer, Matt can be set up to browse securely within minutes.

Setting up the Tunnel –tunnelsettings

  1. Set the address of the SSH Server Host. This is provided when you set up your Amazon Cloud.
  2. Set the Authentication Requirements. This is the logon ID and the private key provided when you set up the Amazon Cloud.

Setting up the Channel –

  1. Select Dynamic Port Forwardingchannelsettings
  2. Use the loopback address
  3. Choose an available port for the local port.

Setting up your Browser Configuration –

  1. Enable the Proxy Server
  2. Click on Advanced (this opens the proxy settings)
  3. Configure the Proxy Address and Port Number. The channel configuration for the local address and local ort is used in the browser configuration. These must match.
  4. Click OK, OK, and Apply!proxysettings

Matt can now use the GSW Business Tunnel to securely browse the internet connecting an SSH Sever to the Amazon Cloud.

Questions about the GSW UTS (Telnet and SSH) Security

Security is serious business! Don’t be afraid to ask questions about Telnet and SSH. You want to clearly understand what you are purchasing.

SSH Server Security Q&A:

Question: A vendor claims to use SSH but when I look closely, it does not look like it is being used END to END.

Answer: Some companies claim to have SSH but when you examine their claim, SSH may only be used within the server but things change to proprietary from the server to the devices, which is where the data is most vulnerable.  In this case the weakest link is the transmission of data from the server to the device, making the entire solution unsecure. When evaluating security software keep an eye out for the words end-to-end and proprietary mixed.fips140

Question: When should I use Proprietary Encryption Protocols?

Answer: Almost never. Your application should be designed in such a way that a standard cryptographic protocol can be used. Don’t be fooled by companies intermixing words like proprietary or customer encryption with terms such as AES, 3DES, Blowfish, etc. What this means is that the vendor is using standard cryptographic algorithms mixed up with their own proprietary cryptographic algorithm. Encryption algorithms are just a small part of a cryptographic protocol. You can bet the weak link is the  proprietary component. MAJOR RED FLAG

Question: A vendor claims to have FIPS 140-2 but they don’t have a FIPS 140-2 compliant client.

Answer: Again as unfortunate as it is, some companies claim to have features when they simply just do not. They may be compliant on parts of the server, but if its not FIP 140-2 complaint on the client then its not compliant END to END.

Question: Why is proprietary Encryption a Red Flag?

Answer: Existing Cryptography for our industry is quite good dues to dedicated, highly skilled mathematicians and the best cryptographers at security agencies such as the NSA (National Security Agency) and first class universities. Good cryptography algorithms require complicated mathematics in addition to expensive technologies for development. Algorithm acceptance requires testing and scrutiny of many brilliant people as well as industry peer review and time in the field.

Commercial software vendors typically venture in to the proprietary cryptographic arena to save time or money. A few “sharp” engineers creating a proprietary cryptographic algorithm is not remotely comparable to established cryptographic algorithms standardized by dedicated agencies, often looking 20+ years into the future. At best it is arrogant when software vendors believe they can do a better job than the professional cryptographers; at worst customer systems are breached.

Question: Our vendor says they developed their own cryptographic protocol?

Answer: Run, Run, Run as fast as you can! Encryption protocols are extremely difficult to design and are not for the faint of heart.  This is a very dangerous situation because there is a false sense of security. Developers often believe they have correctly implement a cryptographic protocol or encryption algorithm only to late find out that many significant potential exploits and other security risks exist after many months of deployment. There is no replacement for many years of public scrutiny and testing. .

Question: Our vendor refuses to give details of their cryptographic protocol design on the grounds that it jeopardizes the security of the solution?

Answer: All standard cryptographic protocols are described in detail on the level of design. Your vendor is trying to achieve security by obscurity. This simply does not work because of all the hardware and software tracing tools available to determined hackers. Security by obscurity can never work.

 

For more information on the Georgia SoftWorks UTS (Telnet Server and SSH Server), please visit our website or give us a call!

 

 

SSH Server Setup for Digital Certificate Authentication (4 Step Process)

SSH Server Setup for Digital Certificate Authentication (4 Step Process)

The Georgia SoftWorks’ SSH Server Certificate Based Authentication is a better and more secure solution for commercial environments. Passwords are risky and weak. While plain public keys are superior to passwords, for client authentication plain public keys lack a convenient method of matching them to user accounts on which the SSH sessions are expected to run.  The difficulty and complexity required for configuration of public key solutions is daunting for most and impossible for others.  With plain public keys, human mistakes can compromise the security of the solution.

 

A Digital Certificate (also known as public key certificate or identity certificate) binds an identity to a public key value. It is an excellent method of verifying the identity while the configuration and setup is much simpler to understand and easier to manage.

 

Georgia SoftWorks researched and developed an innovative, easy to use, and secure implementation a ‘validation and mapping’ method. All of the configuration is done through a GUI with wizard style dialogs reminiscent of IIS certificate-to-user account mapping. The solution preserves all of the cryptographic strength of the public key solution, adds convenient, well scaling, certificate-to-user account mapping options while eliminating the time consuming, error-prone, and potentially insecure setup.

 

4 Easy Steps for your Quick Start Server Setup!

 

Steps for One-to-One Mapping (Maps individual certificates to individual user accounts):

 

1.      Logon as Administrator to the computer running the SSH Server

 

2.      Install the root CA(s) and intermediate CA(s) for all certificates that will be used by the client software.

 

3.      Copy all certificates that you want to allow to be used for logon to a location accessible to the server (a local or network drive). Make sure you use .cer files for the server and PFX files for the client (you may have to perform separate export procedures for the .cer and PFX file).

 

4.      Run the GSW Certificate Mapping Tool and configure the ‘One-to-One’ digital certificate to user account mapping rules.

 

 

Steps for Many-to-One Mapping (Creates an association between multiple certificates and a user account):

 

1.      Logon as Administrator to the computer running the SSH Server.

 

2.      Install the root CA(s) and intermediate CA(s) for all certificates which will be used by the client software.

 

3.      Run the GSW Certificate Mapping Tool and configure the ‘Many-to-One’ digital certificate to user account mapping rules.

 

4.      Optional (but STRONGLY recommended): Use the GSW Certificate Mapping Tool to configure a Certificate Trust List.

 

 

GSW Reseller Le Consult Reaches 15 Years Selling Telnet Server for Windows

Georgia SoftWorks (GSW) thanks Germany’s Le Consult for 15 years of partnership as an authorized reseller of the GSW Telnet Server for Windows and SSH Server for Windows.

Since 2002, Le Consult has been an authorized reseller of the GSW Telnet Server for Windows and SSH Server for Windows. Located in Kamp-Lintfort, Germany, Le Consult provides businesses with reliable and flexible security options.

“Georgia SoftWorks is a perfect partner for doing professional business even across the Atlantic. Stable solutions with forward-looking development that fill the needs of small, medium and large enterprises in Europe. Thanks to the whole team of Georgia SoftWorks for the cooperation in the last fifteen years,” said Stephan Lemkens of LE Consult.

LE Consult customers primarily utilize the GSW telnet server in order to connect their handhelds to SAP. SAP users enjoy the GSW Universal Terminal Server (UTS) ease of operation as well as specialized features that include mobile printing and Session Monitoring to maximize the return on investment. The Georgia SoftWorks UTS is the industrial quality software foundation supporting the suite of GSW server products including the GSW Telnet Server, the GSW SSH Server for Windows, the Session Administrator and numerous remote access utilities. The UTS offers many features that will benefit SAP users. For example, in most instances the user will want SAPConsole to automatically launch when the SSH/Telnet session is connected. This is easily done via the GSW Logon Scripts.

f7ead-atlas_logo“We are proud to celebrate this 15 year milestone with Le Consult,” said Matt Kittrell of GSW. “Our reseller relationships are very important to us at GSW, and these long-term partnerships are a huge testament to both companies and the solutions that are being provided.”

Georgia SoftWorks is a software development company located in Dawsonville, GA, who has gained worldwide recognition for their development of the GSW Telnet Server for Windows and SSH Server for Windows. They have end users and resellers on every continent, except Antarctica.

“The Georgia SoftWorks Telnet Server for Windows has been designed and developed to meet the needs of commercial and industrial applications,” Le Consult states on their website. “For many years, the GSW Telnet Server has been the most stable and fastest solution for Windows and is therefore recommended by and for SAP.”

About Georgia SoftWorks:
Established in 1991, Georgia SoftWorks is a privately held software development company recognized for creating high performance data communications, system and telecommunications applications. Georgia SoftWorks has obtained a worldwide presence with its industrial SSH/Telnet Server for Microsoft Windows. GSW’s long-term commitment to SSH/Telnet has led to the pioneering of major features such as Session Shadowing, Session Monitoring, Graceful Termination, Automatic Logon, Logon Scripting and more recently Team Services technology which allows mobile device users to transfer, swap, share and recover mobile device sessions. GSW has also provided the very first SSH Server to provide Digital Certificate Authentication with Internet Information Server (IIS) like certificate to user account mapping. This includes ‘One-to-one’ and ‘Many-to-one’ mapping methods and also support certificate trust lists (CTL).

Product Showcase: GSW RC MDMS – Remote Control Mobile Device Monitoring Suite w/ File Transfer

GSW Product Showcase:

rc_mdms_100w

GSW RC MDMS – Remote Control Mobile Device Monitoring Suite w/ File Transfer

GSW RC Mobile Device Monitoring Suite (RC MDMS) is software that allows the remote control and viewing of the desktop of a mobile device. RC MDMS File transfer capabilities enable better administration due to the ease of uploading files, applications, patches, etc. to the device. rcmdmds

The GSW RC MDMS will positively transform your work environment. How? It allows the administrator to be in several places at once. Without leaving your office, you can observe the workflow of a multitude of mobile devices. You can see the device screen on YOUR monitor as it appears to the device user. This will benefit your company in a variety of ways:

SUPPORT

  • Respond Fast – When help is needed, you can respond from your desk without having to walk across the warehouse floor.
  • Accurate Data – You can monitor the device screen from your desk, with your eyes, as it is happening.
  • Training – Train new employees by remote observation of workflow and provide remote guidance with ease.
  • Device status – You can monitor RF Signal, battery strength, CPU and memory utilization.
  • Screen Capture – Fast screen capture available with time stamp. You can also capture several images.
  • File Transfer – transfer files to and from the device, with an easy-to-use file selection GUI.

 

PRODUCTIVITY-

  • Efficiency – Monitor devices to confirm efficient workflows are employed.
  • Availability – Know when a device is not in use and is available.

 

LEGAL PROTECTION –

  • Observe employees to verify there are not visiting unauthorized sites or exposing confidential information.

 

QUALITY ASSURANCE –

  • Remotely view device screens to ensure adherence to company standards.

 

SALES

  • Demonstrate your product from your laptop or even your potential customers workstation

 

Features of the RC MDMS:

Browser Base Application– A major benefit of the RcMDMS is that all of it’s features function 100% within a web browser. Using protocols over a TCP/IP network enables robust and industrial grade operations with very little overhead on the network and minimal impact to the End User’s mobile device.

File Transfer– Use the RcMDMS web browser interface to transfer files between the mobile device and the workstation.

Remote Control Shadowing– With the RCShad-owing feature you can take control of the device with a workstations keyboard and mouse and monitor. By doing so, configuring settings, running programs and rebooting on the mobile device are done through a fast and minimal overhead to the network TCP/IP connection.

Monitoring– With this feature the Administrator can view any mobile device without the worry of compromising the work flow with any accidental remote control.

Device Status Graphing- Monitoring Device Status of four key indicators are displayed in real time through a flowing line graph. The indicators shown are CPU Usage, Battery Status, Memory Usage, and Wi-Fi Signal Strength. Additional aspects of each indicator is shown in a separate tab in a more detailed format.

Device Groupings– Create groups of mobile de-vices. These lists are convenient in accessing quickly numerous devices.

Screen Capture– Capture several mobile devices screen images in an instant. This unique method enables the recording of many screen shots one after another, sort through the images you need, and finally save them. mcmds.jpg

In Depth: Georgia SoftWorks’ 25th Anniversary

anniv_logo_dateGeorgiaSoftWorks, developer of the GSW Telnet Server and SSH Server for Windows, is celebrating their 25th anniversary of operations this year. Since opening in 1991, GSW has transformed from a small software development business into a globally recognized company with resellers and end users in every continent except Antarctica.

Today, Georgia SoftWorks is a globally recognized company, known for their development of the Georgia SoftWorks Telnet Server and SSHServer for Windows. They have resellers and end users in every continent except Antarctica, and their products are used in almost every industry, including Airlines, the US Navy, automobile manufacturers, bottling plants, school systems, and more.

Let’s take a look at how it all began:

Georgia SoftWorks started off as a company specializing in data communications and telecommunications applications. In the early 90’s, the GSW team had an in-house need for reliable telnet connectivity on Windows. There was nothing on the market that fit their needs. They knew developing a Telnet Server that fit all of their criteria would require significant effort, and they got to work. Their engineer team developed a telnet server that proved to be reliable, robust, consistent, fast and extensible.

43606-telnetAfter successful in-house use, the GSW UTS (Telnet Sever and SSH Server) was turned into a commercial product. Excellent with mobile devices in RFID, RF Terminal, Bar code scanners and other data collection and wireless environments, the GSW UTS proved to be applicable in a variety of industries. Soon, the GSW Telnet and SSH was being installed all around the world. Currently they have over 400 resellers across 37 countries, with end-users and installs growing exponentially each year. With unmatched reliability and features, their UTS includes the Telnet Server, Session Administrator and a full suite of mobile clients.

GSW’s long-term commitment to SSH/Telnet has led to the pioneering of major features such as Session Shadowing, Session Monitoring, Graceful Termination, Automatic Logon, Logon Scripting and more recently Team Services technology which allows mobile device users to transfer, swap, share and recover mobile device sessions. GSW has also provided the very first SSH Server to provide Digital Certificate Authentication with an Internet Information Server (IIS) like certificate-to-user.

Georgia SoftWorks has since developed other products, most recently the GSW Business Tunnel, which is a versatile and secure connectivity tool that allows people secure access to required network services that are often risky due to non-secure locations or impossible due to firewall configurations. It offers the best security with elliptic curve cryptography, persistent connections that can be set and forgotten, and SSH v 2, the highly recognized security standard that provides secure authentication, secure access, data integrity and some of the best encryptions available.

“We have come a long way since the company started in 1991. We are thankful to all of our customers and resellers who make this anniversary possible, and are very excited about our future as the company continues to grow and evolve. We strive to continually improve our products and make it a priority to stay on the cutting edge, always offering the strongest authentication features available,” said Diane Sexton of Georgia SoftWorks.

What others have to say:

“The GSW products have always been rock solid in terms of both performance as well as support. We deliver systems to customers all over the world. In order to do that effectively, we need to partner with global leaders in their respective spaces. For our connectivity requirements, there is only one choice and that is Georgia SoftWorks’ Universal Terminal Server (UTS). The main reason we have stayed with GSW Universal Terminal server (UTS) is the suite of tools that allows remote monitoring and control of users sessions. This allows trouble shooting and training without the need to be on site which is important when our users are worldwide.The ability to run either SSH or Telnet over a wireless network gives us tremendous deployment flexibility. In the past year, we have also deployed our products over a cellular WWAN tunneling into our GSW server via SSH. That ability has proven to be a great extension to our product offering. Customers can now run familiar software in remote locations. We have surrounded ourselves with excellent products and organizations that offer outstanding levels of service. When an end customer has an issue they rely on us for a quick, efficient and accurate response. We in turn also look for similar replies from our vendors. Over the past 10 years, IMS and GSW have stood together in true partnership keeping customers happy and systems running smoothly. I wish all of our vendor relationships ran this well.”

– Bob Brennan, President of Integrated Manufacturing Systems, Inc, Reseller since 2003, New Hampshire

 

“We picked to use the GSW software because in the beginning, it was highly recommended by one of our customers. Then, after an exhaustive comparison versus others, it was the ‘must have’ option.” “We chose the GSW software because of its stability and robustness. Also, the people at GSW. What you say is what you deliver. The prices, discounts; its 100% transparent. It is great to do business with a company like yours.”

-Israel Esquivel, Mayoristas de Tecnologia (Mexico City, Reseller since 2005)

Georgia SoftWorks Celebrates 25 Years Developing Telnet Server for Windows

Georgia SoftWorks is proud to announce its twenty fifth year as a leading global developer of Telnet and SSH for Windows.

Georgia SoftWorks, developer of the GSW Telnet Server and SSH Server for Windows, is celebrating their 25th anniversary of operations this year. Since opening in 1991, GSW has transformed from a small software development business into a globally recognized company with end users in every continent except Antarctica and over 400 resellers in over 37 countries.

25th“The GSW Telnet Server and SSH Server has been used in the most demanding and industrial environments for two and a half decades now, providing consistent operation, high-end features, performance and unmatched security,” said Diane Sexton of Georgia SoftWorks.

In 1991, Georgia SoftWorks began specializing in data communications and telecommunications applications. In the early 90’s, the GSW team had an in-house need for reliable telnet connectivity on Windows, so their engineering team developed a telnet server that proved to be reliable, robust, consistent, fast and extensible.

After successful in-house use, the GSW UTS (Telnet Sever and SSH Server) was turned into a commercial product. Soon, the GSW Telnet and SSH was being installed all around the world. Today, they are used in almost every industry, including automobile factories, airlines, soft drink manufacturers, schools, the Navy, pharmaceutical companies, and more.

“We have come a long way since the company started in 1991. We are thankful to all of our customers and resellers who make this anniversary possible, and are very excited about our future as the company continues to grow and evolve. We strive to continually improve our products and make it a priority to stay on the cutting edge, always offering the strongest authentication features available,” said Sexton.

About Georgia SoftWorks:
Established in 1991, Georgia SoftWorks is a privately held software development company recognized for creating high performance data communications, system and telecommunications applications. Georgia SoftWorks has obtained a worldwide presence with its industrial SSH/Telnet Server for Microsoft Windows. GSW’s long-term commitment to SSH/Telnet has led to the pioneering of major features such as Session Shadowing, Session Monitoring, Graceful Termination, Automatic Logon, Logon Scripting and more recently Team Services technology which allows mobile device users to transfer, swap, share and recover mobile device sessions. GSW has also provided the very first SSH Server to provide Digital Certificate Authentication with an Internet Information Server (IIS) like certificate-to-user account mapping. This includes ‘One-to-one’ and ‘Many-to-one’ mapping methods and also supports certificate trust lists (CTL).