How strongDM Works

strongdm-diagram
Client

Client on the user’s workstation listens on dedicated localhost ports then tunnels all queries, ssh & RDP commands through a single TLS 1.2 secured TCP connection to the proxy.

Gateway

Gateway decrypts, logs, and conveys all requests to the database or server using its native protocol.

Logs

strongDM logs consist of four components:

  • Database queries
  • SSH captures
  • Windows Remote Desktop captures
  • Web UI activities
Target Systems

If the gateway cannot communicate directly with the target database or server, a relay can create a reverse tunnel that permits ingress into secured networks where inbound traffic is not allowed.

Screen Shot 2019-04-30 at 8.23.20 PM

Yes, we support your stack.

With turn-key integrations, strongDM seamlessly supports the entire DevOps stack:

  • Identity providers
  • Automation tools
  • Log Aggregators
  • Every Database Type
  • Linux & Windows Servers

Streamline Staff Onboarding

Extend your SSO to manage access to databases and servers in addition to apps. Provision a user once and they automatically inherit the appropriate permissions based on their role.

  • Less work for DevOps
  • Fewer delays for new hires
  • Complete audit trail of everyones’ permissions
SSO authentication using strongDM
database-permissions-user-interface

Secure Staff Offboarding

Suspend once in your SSO and instantly revoke access to every database and server. No rooting around for individual ssh keys or database credentials.

  • Eliminate manual checklists
  • Be confident nothing slips through the cracks
  • Audit trail of when, where & who revoked access

Temporary Access That Expires

Easily request & receive temporary access without provisioning new database credentials or ssh keys.

  • Eliminate delays during bug fixes or incidents
  • Request access in Slack through our chatbot
  • Audit trail of every permission change
temp-access-test
strongDM Queries Admin Screen

Upgrade Audit Logs

It’s not enough to know a session happened. If you can’t tell what someone did, there’s no way to tell how much damage was done.  strongDM’s log include:

  • When & who changed staff’s permissions
  • Who issued each query, ssh & RDP command
  • Complete coverage across any database, server or environment

“The effort to achieve SOC 2 without strongDM would have been monumental.”

yext-headshot-1

Michael DaSilva

Manager Information Security, Yext
yext

Ready to get started?

Schedule a demo to connect and secure your first database or server.