WhiteStar Shell

Sometimes things break - software goes awry, mistakes are made - and you need provide support to your customers.  The trouble is your organization needs to allow support technicians, both on-staff and third-party, remote access to devices within a corporate network (for diagnostic purposes), without exposing those devices to the risk of outside penetration by unwanted individuals. Furthermore direct interactive access is best - the ability to actively view/collect log files or run diagnostics real time on the devices in question - and once diagnostic log files are generated, securely retrieving them is another major problem.

The overall remote support landscape is complicated.  Devices may be on-premises, in the Cloud or running as a virtual machine.  They may be assigned private IP addresses with very limited reachability.  They may be behind multiple firewalls.  Standard tools like SSH [secure shell] require holes in firewalls to function, as well as user accounts with sufficient permissions to diagnose and repair a problem.  Customers are very reluctant to open their network up to allow such access - nor do they want to provide a “phone home” facility that constantly sends information back to their vendors.  Furthermore, Cloud-based management systems have enormous attack surface areas, and most other tools do not account for, or enforce, technician segmentation (the ability to limit exactly which support personnel can access a particular customer's device).  You may also find that companies are extremely hesitant to allow any of their sensitive corporate data to be stored in any Cloud-based management or support platform.

WSH, running on WhiteStar’s trust-based overlay network, gives your organization the ability to provide real time first or third-party support without creating a security risk to your customer's network infrastructure.  By maintaining a robust trust-based ecosystem, WhiteStar allows your organization to provide support without the need to open your customer's firewalls or request user accounts with special privileges.  Additionally, WSH provides for the designation of trusted support providers by customer, allowing you to securely segregate which of your staff can actually connect to a particular customer's devices.

While providing the ability to securely access devices within a customer's enterprise network, WSH also provides the ability to transfer any size file - like a system log - to and from devices in a totally secure fashion.  This means your support staff can access files from a customer's devices securely, without the fear that data (potentially containing sensitive user and device data) may be leaked online, protecting your customer against potential data exfiltration. 

WSH utilizes the underlying WhiteStar NOS to affirm trust in individuals who are allowed to access particular devices on a corporate network.  The network itself acts as a trusted third-party, ensuring that only the correct users may connect to devices on a network.  This first party trust model ensures the utmost security, and carries with it all the other benefits of the WhiteStar NOS, like content ownership, constant encryption and the ability to have transient networks that break apart when not in use.  Likewise it also allows for domain specific siloing of user access, which can be based on virtually any characteristic, including geographic specificity.  WhiteStar can even be used to lock down terminal access to specific technicians, so only certain individuals within the support organization may access servers with sensitive data on them.