KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Good afternoon, ladies and gentleman, welcome to our equipping, a cold webinar, monitor your cloud administrators and manage service operators, avoid privilege app use and fraud. This webinar is supported by B of it. Speakers today are me marketing equipping around the founder and principal Analyst at co a Cole and Dr.
Shaba, which is who product manager at BBI. So before we start some information about keeping a coal and some housekeeping information, and we've, then we'll direct to dive into the topics co a cold we, an Analyst company headquarter in Europe providing enterprise it research advisory services, decisions, support networking for it professionals through our research services.
So a number of reports and leadership composites, where we compare our vendors in the market segment, etcetera, through our advisory services for both end users vendors and through our events, this events include our mainly one, which was the European identity and cloud conference, which really held next time May 5th to eight in Munich. It's a master time event for all these topics around identity access, cloud digital risk.
And there will be an conference in Australia, early in Weber, which are also I think, quite interesting, a little smaller than the ESC, but definitely a very interesting event for that region guidelines for the webinar, you are muted central. You don't have to mute around mute yourself. We are controlling this features. We will record the webinar and the post podcast recording will be available tomorrow. And the Q and a session will be at the end. So you can answer questions at any time using this good webinar control panel and the area questions in there.
We will then pick the questions and answer them by the end of the session. The more questions, the more interesting is the Q and a. So don't hesitate to enter questions. Let's have a look at Thelander for today. And the first part, I will talk about the risk surface, most critical risks on how to mitigate risks of cloud administrators and manage service operator. And the second part then Dr. Java across now will talk about the use of privilege monitoring for mitigating these risks based on number of real world customer scenarios.
And as I've said afterwards, we will do a Q and a session where you can ask you questions and we will try to provide while you answers on that. So what has changed over that? The ones you have been another cooking called webinars or presentations might have seen that slide before, but I think it's still an important one because it really shows three of the major revolutions we are facing these days. And one is mobile computing. So we have more and more devices. The is social computing with more types of users we have to handle. And then there's cloud computing.
So we are increasingly relying on cloud services, which are somewhere between outsourcing private cloud hybrid cloud, full public cloud. There, there, there are various types of services we are using. We also have more and more externals accessing our services also from an operations perspective. And this is really where, where a lot of challenges occur.
So, and this is really the area where I will focus on, on B travel will focus on today, which are the really the most important things we, we are seeing here from a privilege management perspective because it means we are running applications outside. So they're not only we as the administrators, there's also someone who's providing the service or we have managed services. We're relying on more people accessing our networks to administer systems. And this is raising a number of challenges. So what is really changing.
So when we go back a little in the history, sort of, we have sort of a situation where we said, okay, we have an server there. We have a server operating system. We application an application running on server. So we had these application, administrators and operators, for sure, we had system administrators, but this is still relatively controlled.
We still, we had even back then or still exist in the various areas. We had a number of privileged users, which have more access than more entitlements than other people have, but it's still a, a relative limited view. Then for the last years, we've seen a, a strong uptake in virtualization, which in fact means, okay, we not only have the application, but we have application running on a guest operating system. We have a hyper wide, we have host operating systems.
We have, we have more layers and we have more types of administrators in there, which in fact increases the risk surface because it means that someone can run attack on the host operating systems on the guest operating systems, whatever we have more types of ed uses. We have an increased complexity in there. And in fact, when we, when we do the next step, the world of a, of cloud or managed service, doesn't look that different. But what we really have is we have somewhere at the machine, we might not even know where it is located.
We have an host operating system, we have an hypervisor, we run our guest operating system. There, we run our applications. If we look at infrastructure as a service, if you look at software as a service, that even means there's something running in an infrastructure we don't know much about probably also with a host of rating system and high Verizon and a guest operating system. And there's someone who runs an application for us.
So we all not only have our end user organization, administrators, operators, but we also have our cloud service provider managed service provider, application, administrator, system, administrators, et cetera. So we have more people and this in fact, increases complexity for both parties in this area.
And so, so in fact, there, there are more elements and there are more people involved with privileged access and this makes things trust more complex. And this is really where, where, where, where we need to, to act differently than we did before.
So, so what are the major risks in, in this world and this changing world where we're sort of the move to cloud, more relying, more on, on managed service, providers changes a lot of things. Yeah. So major risks are all the risks of internal privileged and shared accounts. So the classical risks we have seen for many years, these risks remain there is still the internal, whatever SAP administrator. There's still the super user of that system. There's still the da database administrator of that system. So this is something we still have as a risk.
And it's still one of the largest risks we have in it. There's the risk of intercepting, the communication between the AFC or CSP and the customer or vice versa. So if we have this distributed environment, there's some communication between, so there's a risk that someone comes in here, we have additional interfaces. So there's the hyper wiser, which has this interface, which exposes some interfaces. There's the gas, the O operating system. There's the side of the service provider, their so side.
And we have the risk of the app use of privileges of operators and administrator at the MSP or CSP. So there are more people involved. There's the other parties which come in have rights.
And so, so in effect, a lot of things we, we have to do here is to trust the other parties and that they are doing things correctly, that they, they, they have their operators and administrators and the control, which nevertheless means the risk. And also if we have someone accessing our systems, we have a challenge. One of the challenges behind this is first for a good reason, particularly CSP, who's running public cloud services with, with hundreds, thousands, tens of thousands, or even more customers. They can't give every single customer full insight into what is happening.
You, you can't expose everything to, to your customers on the other end, then it's, it's the area of audits. And, and one of the challenges we are seeing here currently, we see some learning curve, but it's still a challenge is that there's a lack of meaningful, meaningful audits for MSPs and CSPs and a lack of insight into activities. So this insight into activities is probably more complex to solve because it clearly only if at all will expose what is really directly related to a single talent. That's what they will expose to the single talent.
On the other hand, in the audit area, if you, if you look into details, so there are, there are a lot of audits and then many have sort of different levels of audits. And frequently it's only the lowest levels of audits which are performed. So you have to sign and says, okay, we have done this audit, but if you look at reality, a lot of things aren't really track. So it's very worse to dive deeper into the audits. And I think we also have a report out on it for, by my colleague, Mike Small, which had looked at the various types of audits and which are relevant in that area.
And then there's another area which is particularly relevant when we look at the more the MSP side. But sometimes also when we look at, at what we are doing. So there's a situation where we have persons operators, administrators for, for instance, the SAS or also the is services, and they might change. So we need to manage these entitlements, these accounts also for whatever salesforce.com, Microsoft Azure, Amazon web services, whatever. And on the other hand, we might have MSPs who have some entitlements at our end in our systems.
And we need to ensure that these accounts or are problem managed that only people who are really in charge of us as a tenant have access to that. So this is something where we have a number of risks, a simple, the simple point is the sort of the attacks are first, the complexity, the challenges are increasing in this world. And that doesn't mean that we can't do it. It means we have to understand what to do to reduce, to mitigate these risks. And some of the priorities I would look at when, when doing this is purely one area is local privilege management.
So, so really having a good grip on the local access of privilege users and shared accounts, which includes shared account management, but which also includes abilities such as access governance, segregation of QT, et cetera, identity and access management, managing the identities and entitlements appropriately. So who is allowed to access our system, who is in charge of cloud services and administrator who has, which entitlements there, there's still a long way to go.
So, so many cloud services don't allow really an externalized access management. So most allow some identity management and Federation, etcetera, but when it comes to access management to managing authorizations, it usually means you have to go to the user interface of de services, another third area privilege session monitoring. This is what will be highlighted in the second part of this webinar, monitoring the sessions of operators and administrators, access of our operators or the tenant operators to cloud service and of MSP access to on-prem applications. So get a CRI on that.
So who is doing what in that area? Anomaly detection, quite interesting area as well. So are there anomalies in the user behavior I will touches.
And, and when I, when I bring up my next slide and meaningful audits, so I think this is another very important point. Really understand what is audited really? So how deep is the inside and auditor gains and request meaningful audits, really the bigger UR as a customer, the easier it is to request something like that. But I think it's a quite important area.
So, so what, what we really see overall is then a trend from, so historically we try to protect those things. So the firewall is a protection level when we do provisioning by, by creating accounts and then defining some entitlements it's protection. So protects the first level.
And, and what we then did in the next area is trying to, to detect things. A lot of this is very reactive. So we might do an attestation re-certification every few months looking up the access entitlements of users. This is only, only one part of the story and detection. It might be go a little bit further, but overall it it's. Most of this is static. What we really see as an evolution is, is a lot of things going on around anomal only detection or user behavior detection, where we try to understand what are users doing?
Is their behavior the same they had before, or is there something which is unexpected where they change their behavior? That might be because they have another studio because there's something new might also be because they do something they do only ever three or six or 12 months, or it might be because for instance, the account have been high checked. So this entire anomaly detection is important. And what we need to add here is not only to detect things and at a far, far better for higher level, but to respond to what we have detected.
So being able to, to react on this and to trigger actions, to alert, to automate and all this type of stuff. And this is really, I think, important in, in when we look at overall information security, not only the, the certain area, the specific area of cloud services and managed services, it's overall the, the major theme in, in information security that we need to go beyond protection, that we need to go beyond detection into standardized and, and very rapid and quick reaction.
So this is really where, where things are heading from our perspective and, and one of the important areas within that. And that's what else my main has been my main scene for today is what, what do we need to manage access of our tenant sort of, of operators, administrators to cloud services and, and, and try for cloud service, but also the way back when we have an MSP, who's doing work at our end, what do we need to manage here? So this is, has been my introduction to this topic.
So why, why is it relevant? What is the risk surface, the most critical risk at how to mitigate these risks? And the next part right now, Dr. Shana will talk about the use of privilege monitoring for mitigating these risks based on a number of real world customer scenario. So I'll hand over control to him. Sorry about it's your term. Thank you very much. And thank you for joining us in the following 20 minutes. I try to highlight you what, how we see the problem and the solution for many service providers and, and cloud service providers.
I want to highlight a few things in my presentation first, a short introduction about, because I think many of you don't know us, then I will show you what we see about the requirements of MSPs and CSPs, and then comes those use cases, which might be the most interesting part for you. And of course, I will tell you only a few words about the user monitoring solution of Bobbi. So Bab head part of the headquarters in Luxembourg is a European United security company, specialized in advanced monitoring technologies, where our company, we used to call that we are information security company.
We focus on privileged activity monitoring. And under this, we are focusing on trusted login app based gateway technologies. Our privilege session monitoring solution has eight years now on the market. So I think that we've seen the whole evaluation of privileged session monitoring on that field, what we are talking about today. So let's go for go for, and I show you the typical life cycle, how we see. So first of all, we see two parallel sessions.
Now on the market, we have several many service providers who give service to other companies, and we have some cloud service providers who have own their own infrastructure and give service on their infrastructures. So what we see is that the typical Ms MSP solution, the typical MSP center used to be when the customer of the MSP requires the security of the service provision. Therefore the service provider manage service provider wants to give the evidence to each customer, that they are able to provide the service in the manner. And they are just under the SLA. What is in the agreement?
The other way, the other scenario is then for example, a cloud service provider gives its own infrastructure and want to provide the, the security, give, give, want to give the evidence to their customers, that they are able to give the service, the cloud service in a secular manner. Usually under some international compliance, for example, the is AE 20 to four, as an example, or when cloud service provider wants to give a P C I BSS like environment. This kind of evidence is a must for them.
We are, most of our customers on are on this stage. So they want to fulfill some kind of compliance in different, whether it comes from an international standard or comes from a specific customer. The next phase is usually the, the full, the whole MSP service. Then the old admin of the MSB service want to give this evidence to all of the external it, all of the external customers. They want the serve.
That means that the privilege session monitoring build into the service itself and the many service provider wants to build this kind of service to all of this customer as a value added service and not for sales depends. The next step is to enable the monitoring of hosted ID security in the cloud is when a service provider wants to give, or to be honest, it's not, not the service provider, but it's usually the customer itself want to install some kind of session monitoring into the cloud. And the cloud service providers somehow enables this session.
Monitoring enables the installation of such social monitoring instances into the cloud service. And it's nothing more than, than to enable Amazon or Azure based installation to the cloud. The next step is a flexible monitoring service security as a service. Then the service provider, the, the cloud service provider gives the opportunity to their customer indifferent, whether it is a small installation or installation that the customer would be enable to buy such monitoring service from the cloud service provider itself, for example, on time based or, or use based solution.
And the highest level of such services as Martin mentioned before is some kind of detection, big database analytics, which is real value added service by the cloud service provider to their customer. And it can help to the customers to get not just the monitoring, but also some kind of early warning. What happens in the monitored session? We made technical survey amongst our customers because we were very interested in what they think about what is the main challenge for them and what they really want to use our monitoring solution.
And they said that the most important thing for us in monitoring is better employee and or partner control. So our customers want to know what their employees and their partners such as the many service providers and the cloud service service providers do beat their data and do with their information on their it infrastructures. So they want a approved recording. What happens in the situation. And as you can see, other on the other answers, they are, the, the other monitoring goals are less important for them.
So this is, this is the main driver of the session monitoring buyin in the, on the next slide. You can see again, in a few words, what are the most important challenges? Now in that moment, you can see that the, these are the, these are four main goals for social monitoring, for cloud and many service providers. So first strict measures to keep reputation, all those big cloud service providers that are giving some kind of service to their customers, want to get strict reputation. These providers, as partners are expected to provide proactive security solutions and specialized expertise.
This is a map. This is built in into the service damage done by a insider, such as a cloud instructor might be extremely rare, but far more devastating than in a regular computing environment. Therefore special precautions must be taken to prevent such damage. This precaution should include strong authentication, authorization and visual recording of the actions of the cloud. Administrators pre and reputation are S in the manage service provider and the cloud service provider sectors.
And if you follow the news, the security news, you might heard that there were many data breaches on this sector, and this is a very huge reputation damage for them, and they want to avoid this. The other big issue is the accountability issue. So just like in traditional it, the outsourcing using the service of a cloud provider provider requires the customer to give up Porwal over his it infrastructure. Every action, a cloud service provider performs on its customer service can trigger a plane game, cause a plan to reassure the customers.
CSP should make the it management and maintain a more transparent out to by the customers. This should include recording complete administrative sessions affecting the part of the cloud infrastructure used by the customer. And if we've just requested making these accessible to the customers, if these activities can be investigated, most potential effects from inside are prevented just by the near existence of the monitoring solution. Providing objective to for all events and CSPs can eliminate the shadow of stuff about their operations. The next big issue is the SLA verification.
I think most of you can imagine what an SLA means in this relation. So without the possibility oversee the CSP administrators, the evolution of the effectiveness is also a challenging exercise. The Porwal over SRE is also a problem as there is no reliable solution in the hands of a CSP to justify its keeper performance indicators and billable activities without the temper proof activity monitoring solution in place, the provider cannot prove that his work is compliant with the escalated requirements and last button, at least.
And we can see that our, that in our customer base, this is the most important challenge is compliance. Of course.
So both the MSPs and the cloud providers are increasingly subject to data protection regulations from a variety of organizations ranging from the P C I DSS, as I mentioned through, for example, in the cloud are in the cloud security Alliance, the CSA, and to others, such as the ISEA standards, what I mentioned and lava least the national law enforcement agencies, lows and standards require that MSPs keep client data safe, separate roles, and pull out these administrative access to these data.
These regulatory requirements may call for a temp to session recording tool, to best compliance outreach of cloud security processes. A cloud wiser that can meet these requirements and offer harder. S of these compliance can gain a significant advantage. So compliance, compliance, compliance, and compliance is our friend because most of the regulations, most of the standards usually deal with the privilege session monitoring the monitoring of privileged users. Just a remark who is a privileged user.
A privileged user is not nowadays, not just an administrator, not just a, a route user, but can also be very important business user. So the monitoring of privileged users in, in the near future, we have been not just the monitoring of traditional RDP or SSA session, but we think that, that we go beyond on this traditional administration and we are contain the monitoring of, for example, the VDIs monitoring of mobile accessing and so on and so on, and not just for the administrative users, but also for the business users. Now here come the use cases.
I have four use cases for you, and I want to cover all the purchasing drivers. What we see now on the market.
Again, the first purchasing driver is the compliance, especially for compliance of local local regulation center, industry standards. For example, maybe, you know, the PC ID as the standards. It specifies the, the needs of the service providers. So all financial institutes, all merchants who handle some kind of credit card data and use service providers have to fulfill some requirements under P C I, the other, the company policy enforcement enforcement of internal company, policy security strategy, strict security requirements are typical big service providers, which manage sensitive data.
It staff control it. Admins are the most powerful users in the it systems with access, right? And this is unacceptable. So controlling the essential, the control of the outsource partners, monitoring of third party contracts or contractors or outsourcing partners. Plus the SLA control. As I mentioned, business user, I would, would need control users, working sessions.
We have some use cases where the customer want to control all of thees of business users as well, and forensics identifying and presenting evidences from, from the it system through a legal procedure, to be honest, that the last part forensics is not widely used on the market. What we see this is very interesting, but I think that with the emerge of, of nationwide cyber threats forensics, we can get a more emphasized on the security market. And now they issues.
The first example is about FII it AGI FII what, what we should know about the challenges, service, or fi FII is a financial it service provider in Germany. And they have a challenge Germany, the federal financial supervisor, I, the ING has recently announced new regulations, which is not so new now. So announced some regulations which have further extended the minimum requirements for risk managements, for financial institutions, and then others. This modest requirements require full of process, obvious access to private banking information to proof with this three requirements.
FIU had the look for a solution capabil to record all database accessed by system and database and security administrators, and need playback reports for forensics purposes in case that is of compliance. In addition, as the data center environment causes of approximately 8,000 units and Linux servers, finding an at a greatly robust outing solution was increasingly challenging for a long time. The provider couldn't find an INCOM in offering on the market. They tried so much and thanks God, they choose us by implementing our solution. They are able to fulfill this requirement.
And again, as I mentioned, that was the main issue for them to smoothly test the supervisory of this. And most in most cases, this is the base requirement. Next example, big brains. It services big brains provides global cloud computing services, which must follow strict strict international guidelines. As a service organization is business processes should be ordered and certified by the ISAE 3000. And under this, this is a, a 30 to four standard. The objective of this Audi is to set high quality auditing industrial standards for professional accountants, providing with the certification.
The company previously used traditional logging solutions, which transferred and network devices logs to central servers. However, the problem was that logging solutions couldn't record every important event. As low collection from windows systems was limited. And application events were not always forwarded to lock servers in there. On top of that look, and those servers were managed by engineers who were supposed to be monitored.
So we work together with big prints to fully comply with the is 3000 standards, including the requirements for monitoring privilege users and risk termination with regards to password policies. In case of security breach for major incident feed prints can now share related with its effective customer in this way. Brains can quickly animate accountability issues, which enhances the company's reputation for SAPs. Great greatest company develop advantage is that the transfer to infrastructure, which has minimal adjustments required in a university. So we have a very, very good project with them.
And again, what was the need for that? The, the first example was about compliance and this is another compliance and security. I want to emphasize that they want to give an addition to their relo systems and another feelings of, of us that many of the companies has just finished in the past one or two years, same integration. They are now have central logging infrastructure. They are able to collect as many logs as comes from the infrastructure, but sometimes it's not enough.
So what we see now on the market that the customers just want to go step further and want to implement more implement such solutions that are able to reach the data that comes into the SIM system into the central logging system. So we have to make tight integration with SIM systems.
The next use case is about theor group uhor is a major mobile phone service provider, and it's a critical infrastructure with several external admins and a good example, how a modern telecommunication company works because although they have a huge infrastructure all over the world, they have so many external, external service providers. So they implemented the, the solution to somehow hand off this large amount of, so Teora has a complex site infrastructure with several high security network zones.
Maybe you worked in the news in a, a few years ago that they were even attacked in a great cyber attack, originated from Asia. So they have several high security network zones. And these critical network segments are administered not only by the internal it stock, but third party administrators as well. Therefore controlling system administration was a key aim of tele security department. Their particular problem was that they had no solution for tracing and monitoring the encrypted SSH administrative sessions.
They had S gateway and other security solutions in operation, but none of those could provide sufficient traceability and detectability of encrypted tracking. Consequently, they started to look for a new solution to be able to control internal as well as third party administration activity, some technical information here. The SC is now in operating SCS are software solution's operating, acting as a gateway to turn Analyst, mission critical sensor environment.
In the current implementation, they use two of us product in a geo and configuration serving six servers and 15 to 23rd of administrators and additional product serving 10 servers and 40 56 system admins. And plus, but not least, unfortunately I can't name this customer, but this customer is top five global cloud providers who one of, one of the best known cloud provider on the market. Nowadays, we just finished project with them. And some words about the challenge, the challenge was to access Contra and outed of administrative sessions in temps, geographically distributed locations.
So they have so many, the geographic locations, they have so many admins and because they have so many customer, they somehow have to fulfill the international requirements. So we have to provide SS HR and HTTP. So they think we have to provide sales ation because of the shared accounts. Access control based on groups is a must. The it's very interesting, but the possible management itself for, for the nice to have category, and we have to full fear, some interesting things such as the ITV six was they one of their requirement. So we have to make huge developments for them.
Now they have various installations, and that can be an example. I hope that after they understand, and they we'll get the daily operation of our product, they will go, they will move forward and provide the, this service, this monitoring service to their customer, customer and stuff. Some words, because I have only a few minute left some words about the solutions, our solution called the share control box.
As we, what we do with the share control box is activity monitoring. This is an appliance that controls access to remote server, virtual desktops on networking devices, and therefore the activities of the users accessing the systems.
For example, it records a system, administrators, contributor, the desktop of service through SSH protocol, or when the employees make transactions using things like applications in the Citrix environment, the recorded all these trails can be replayed like a movie reviewed events, exactly as data accord, the content of the trails is index to make searching for events that ultimately reporting possible. And with this, with this appliance, it is valued as the supervision of privileged user access has mandated by many compliance requirements. Another slide, how we things.
So we support the SSA HTTP down net RDP, Citrix monitoring, as I mentioned, not just from the administrative users, but also from the business users. There are similar use cases and the thing that our customers like this product, because we are able to provide fast deployment with extremely low TCOs, but I don't want to waste your time. If you are interested in our, in our product, you will find us on our website, www.quality.com com. And we can provide more information if you're interested in thank you for your attention. And we are waiting for the Q and a session. Okay.
Thank you for this interesting presentation on the customer scenarios, which are from my perspective where valuable. So as Java said, we are right now ready for the Q and a session. So if you have questions, please enter them right now so that we can pick these questions and answer your questions.
So, so, so one of the questions I I have here is I think it's quite interesting. One, how does the S SCB prevent malicious actions and report actions, How to prevent and report? So How does, how does it prevent malicious act actions and how does it report these actions?
So, so what is the way you, you do to, to interfere things which might be considered malicious, or how do you report that information and where can you interface, et cetera? Okay. So first of all, what we see is that the traditional prevention is the, is the, is the most popular way to, to prevent the measure. That means that our product is, is based on proxy gateway, but therefore the customers can, can define those excesses that are, that are really relevant for the users.
So they can, they can, they can say that this, this administrator can reach that server on that protocol in that time and so on and so on and so on. And so I think this, this is, this is the most traditional and the most common way, but the time is changing. So we have to move forward and give more information to the customers. Because for example, in a, as I see on the security market, the early warning is very important.
Now, therefore we want to introduce new product in this summer that are able to analyze these sessions online as a big data analytics solution, and can give information to the customers. What happens in the session and because of the big data nature of this analyzes, they can give the signs, the early warning signs of, of the future or an ongoing security incident. And with other security tools, the, or even with SCP, because through SCB, the customers can view online the session itself, the customers can prevent in a very good way against malicious attack reporting.
As I mentioned, we are indexing the sessions so we can give a very intuitive search interface to the customers when the customer can search for windows, titles, for comments, for keyword, for example, can review the whole session if they want, can jump to a specific part of the session. If, if interested in, so this, this is, this is one way for forensics. And of course we have a reporting capability.
We have very customizable reporting interface now, and we have some compliance supporting such as we have a P C I DSS report that can help an ongoing audit regarding the operation and can hold some science of malicious activities as well. Okay. Thank you for this answer. I have number of other questions right now here. So the question I effect is it's one question was a number of things. You mentioned that you have customers in Germany, a country renowned for its strict privacy or privacy and data protection laws, and strong work council.
So how do you make sure that the product does not violate privacy laws? How do you make sure that the data card cannot be app used by admin or management? So how to secure the trails, et cetera, and how to deal with situations where someone is using a private SSH key? Okay. So privacy, privacy is one of, one of, one of the main challenge, I think not just in Europe, but that, that will be one of, one of the main challenge in the whole world nowadays. And we think that, and we, and we really feel that that, that privacy must be give to the customers.
And we have to find the right balance between the security and privacy. Therefore, the LD, the LD trails are the most important data that is stored in the, in the SVP box. We provide strong cryptography on LD trails. We can provide this keys and the review of the Saudi trails with separate keys in such privacy issues. And in the future, we want to provide more and more information for the users. What was monitored about the user activity? What was the content of the specific user, the content of the trail, what was produced by the, by the specific user?
So this, this is really believe in, in the good user, short cryptographic. Okay. Another question here I see is how do you prevent malicious insiders? Or is there something from you don't do from opening up SSH tunnels, creating a vector that bud UN access, As I suggest the, as, as I mentioned, we have a proxy solution. Therefore we have specific proxys, for example, for SSH. And we really analyze the RSCs behind the SSH protocol, and we have a fine tuning capabilities to control the different channels of the SSH connection.
So the, with this, with this control, the customer can define what SSH channels are accepted in a session and which are not Okay. Another question is around performance.
So, so if there's something in between, what about sort of the potential performance or, or isn't there anything? Yes. I just open my sizing, the pure performance with the lowest, the, the small box, what we have in CP, the maximum number of the RDP sessions are 200. The maximum number with SSA sessions is 1000. And the maximum number of HTTP sessions is 500. So this is the smallest we can give larger appliances as well. We can give virtual appliances as well, but with, with the smallest one, you can monitor this number of concurrent sessions. Okay.
I think we, this has been so far the last question. So let's wait if there are first questions, otherwise I think we are done for today. And so it's up to me to say thank you to all the attendance of this webinar for attending. Today's copy a call webinar and thank you to you. Thank you to Bab for taking part in this webinar. Hope to see you soon, another webinar or at our upcoming European identity and cloud conference in Munich. Thank you.
