Listing Thumbnail

    WALLIX Bastion 10.0

     Info
    Sold by: WALLIX 
    WALLIX Bastion consists of five major components that together form a solid cybersecurity posture of a mature Privileged Access Management solution: Session Manager, Password Manager (Vault), Access Manager, Privilege Elevation and Delegation Manager (PEDM) and Application to Application Password Manager (AAPM).
    0 AWS reviews
    View purchase options
    Listing Thumbnail

    WALLIX Bastion 10.0

     Info
    Sold by: WALLIX 
    View purchase options

    Overview

    Session Manager Session Manager provides IT managers with a powerful solution to manage and control access and to audit user sessions. Only authenticated users are granted access to authorized targets. Audit trail includes full-color video, transcript and metadata. Controls can be implemented to block copy or delete. The solution helps meet compliance requirements by providing a strong security posture.

    Password Manager Password Manager allows IT managers to easily control and manage their passwords, secrets, and credentials. It works with the WALLIX vault or integrates with third-party vaults to protect and enhance existing investments. Credentials are stored securely in a controlled safe and passwords are protected against theft and sharing with sophisticated encryption. It eliminates password sharing and ensured that only authorized users can check out passwords.

    Access Manager Access Manager provides connection services between web browsers and targets on which users are authorized to log on. Target access is performed through WALLIX Bastion appliances. The connections are done using HTML5 clients; no browser plug-in is required. Access Manager enables also users with the appropriate rights to display target passwords in the browser and/or to copy them directly to the clipboard.

    Application-to-Application Password Manager

    Application-to-Application Password Manager allows DevOps to access critical resources without ever knowing the credentials (i.e. passwords and SSH keys). Secrets are securely stored and AAPM allows completely secure access to DevOps tools and robots for unmatched security and productivity. Provides automatic access to critical IT resources in real time, without leaving vulnerable and hard-coded credentials in scripts. AAPM is easily installable software and works with Ansible, Terraform.

    Universal Tunneling Universal Tunneling is the solution on the privileged access market that enables access to industrial machines without having to change the usual processes, install any fat clients or change the configuration of remote proprietary applications. Industrial protocols (such as Modbus, OPC-UA, Profinet, etc.) are encapsulated directly in an SSH tunnel, enabling service providers to connect to their PLCs, gateways and other industrial components, while maintaining a high level of cyber security. In compliance with applicable regulations, authentication, traceability and session control are guaranteed.

    Highlights

    • Disable internal and external threats: Securely centralize privileged users and critical systems management
    • Ensure regulatory compliance: Avoid penalties by protecting and tracking access to your critical data
    • Reduce your costs: Control your TCO thanks to simplified implementation and operation

    Details

    Sold by
    WALLIX 
    Categories
    Network Infrastructure 
    Security 
    Delivery method
    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)
    Latest version
    Operating system
    Debian 10.13

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases
    View financing details

    Pricing

    WALLIX Bastion 10.0

     Info
    View purchase options
    Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Additional AWS infrastructure costs

    Type
    Cost
    EBS General Purpose SSD (gp2) volumes
    $0.10/per GB/month of provisioned storage

    Vendor refund policy

    Please contact WALLIX sales for refund policy

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes
    • WAB-1893: Fix the mailing mechanism in Discovery AD scans for devices.
    • WAB-3793: Remove an error message in logs when an automatic password change is triggered by checkout timeout.
    • WAB-4207: Fix multiple issues that prevented the proper import and export of password change plugins to CSV.
    • WAB-4544: Improve the wabgui service to avoid the "Too many open files" issue by increasing the maximum number of files opened.
    • WAB-5235: Add support of PKCS1 and PKCS8 formats for SSH keys download.
    • WAB-5404: Fix SSH connection files when SSH proxy does not use standard 22 port.
    • WAB-5873: Fix user group duplication in CSV (export) when the group has a limited profile.
    • WAB-5934: Fix WABSessionLogExport script to remove sessions from Session history.
    • WAB-6176: Update the Palo Alto/PANOS password change plugin to handle the banner that can be displayed at login.
    • WAB-6251: Fix LDAP/AD authentication domain information in the administration guide.
    • WAB-6372: Fix estimation of free disk space before purging session logs.
    • WAB-6416: Remove the second successful authentication from the authentication history when a legacy page is displayed in the new interface.
    • WAB-6427: Fix issue in the "Device" field of the "Targets" > "Accounts" form.
    • WAB-6455: Fix issue with the "Global domain" field on the RDP service addition form of the target device configuration page.
    • WAB-6478: Fix duplicate traces locally and on remote storage when remote storage is full.
    • WAB-6512: Fix to reduce contention on database caused by bastion-traceman command to avoid "Lock wait timeout exceeded; try restarting transaction" errors.
    • WAB-6615: Fix memory usage calculation for System > Status page.
    • WAB-6643: Fix issues with bastion-debugging-tools.
    • WAB-6806: Update mariadb to version 10.5.19-0+deb11u2~bpo10+wallix1 to fix the following security issue: CVE-2021-27928.
    • WAB-6820: Improve field validation in the System > Network web page by making the Hostname and FQDN fields mandatory.
    • WAB-6932: Improve hostname validation on the System > Network page by preventing the changes from taking effect if the value does not comply with the applicable RFC (rfc1123); an underscore in a hostname, for instance, is not permitted.
    • WAB-7111: Fix incorrect permission on SSH Session logs files (.sshlog).
    • WAB-7112: Fix permissions on apache2 log files.
    • WAB-7168: Improve information label about DRBD High-Availability to avoid confusion with Database Replication.
    • WAB-7170: Update ICAP client to 0.6.11 to support reqmod and respmod response with null-body header > 0.
    • WAB-7208: Fix to make the HashiCorp Vault usable with a secret engine containing a slash ( / ) in its path.
    • WAB-7304: Fix Session Probe post-launch cleanup procedure so that it closes the "Another program is currently using this file" message box.
    • WAB-7342: Fix display of approval request details in page Audit > Session history for auditors.
    • WAB-7382: Fix "unknown error when resizing logical volumes" in migration.
    • WAB-7443: Fix error in display of unused resources data.
    • WAB-7471: Fix error on running WABSessionLogIntegrityChecker script.
    • WAB-7478: Fix approbation issue with an account mapping.
    • WAB-7484: Improve "Missing authorization UID for right" log message by changing the log level to TRACE.
    • WAB-7489: Add anonymization of table "activity" in script bastion-db-anonymizer.
    • WAB-7537: Fix timeout issue when rotating many SSH keys.
    • WAB-7562: Remove the useless WABClearSession command that was failing with a stack trace.
    • WAB-7563: Fix compatibility issue between Application Driver with UI Automation scripts in Remote App mode on Windows Server 2022 from version 21H2 OS build 20348.1970.
    • WAB-7592: Fix of a traceback occurring when attempting to update a Bastion while its cryptography is locked.
    • WAB-7614: Fix error that prevented a Bastion from being upgraded when in HA DRDB.
    • WAB-7621: Fix RDP target session locking by Session Probe on some Windows servers.
    • WAB-7629: Fix the account search bar for Microsoft Entra ID accounts.
    • WAB-7712: Update mariadb to version 10.5.19-0+deb11u2~bpo10+wallix1 to fix the following security issue: CVE-2021-27928.
    • WAB-7744: Fix multiple passwords associated with the same account when rotating secrets in Master/Master Database Replication cluster.
    • WAB-7781: Fix Database Replication installation if the passphrase or password of the wabadmin or wabsuper users contains the character "%".
    • WAB-7799: Fix inability to use the same remote storage with two WALLIX Bastion.
    • WAB-7856: Fix the device configuration by allowing the use of /0 as a subnet.
    • WAB-7936: Improve deletion of session logs when running the WABSessionLogExport script.
    • WAB-8009: Fix REST API error on filters with specific date format.
    • WAB-8019: Improve message displayed to user for TLS errors with RDP connections.
    • WAB-8026: Fix to ensure that users who are not approvers cannot receive approval request notifications and approve them.
    • WAB-8034: Fix the display of Bastion user groups in the external users view when the same LDAP/AD mapping is present in several of these groups.
    • WAB-8038: Fix the addition of an entry in /etc/hosts causing WALLIX Bastion to become unreachable.
    • WAB-8042: Improve readability by renaming "Authentication domain name" to "Server domain name" in "User groups" form.
    • WAB-8154: Fix X.509 connection with an Active Directory user without setting up a default mapping.
    • WAB-8170: Fix IPLoop failure in WALLIX-PuTTY when Universal Tunneling target IP is already assigned to the loopback network interface.
    • WAB-8227: Add support for the new PuTTY SSH private key file format PPK3 in WALLIX-PuTTY.
    • WAB-8288: Fix the sending of notifications that was not always working.
    • WAB-8361: Fix WALLIX Database replication installation when product name is modified in configuration.
    • WAB-8386: Update Linux Kernel to fix the following security issues: CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5717, CVE-2023-6121, CVE-2023-6531, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2023-25775, CVE-2023-34324, CVE-2023-35827, CVE-2023-45863, CVE-2023-46813, CVE-2023-46862, CVE-2023-51780, CVE-2023-51781, CVE-2023-51782, CVE-2023-6040 and CVE-2024-0193.
    • WAB-8548: Update iproute2 package to version 5.10.0-4~bpo10+1.
    • WAB-8551: Update axios dependency to version 1.6.5 to fix the following security issue: CVE-2023-26159.
    • WAB-8785: Fix SSH connection failures when using SSH client with kex strict extension and Diffie-Hellman key exchange algorithms.
    • WAB-8859: Fix and better handling of IP Source Routing mode in WABNetworkConfiguration.
    • WAB-8874: Fix Smart launcher start delay parameter (value > 0) that prevented Session Probe from being launched.
    • WAB-8990: Fix WALLIX Bastion outage when filesystem is full and trying to download debug logs zip file.
    • WAB-8993: Fix parsing of LDAP user e-mails for approval permissions.
    • WAB-9046: Improve resilience by replacing NTP package by NTPsec.
    • WAB-9049: Fix NTP configuration not being applied until next reboot.
    • WAB-9085: Fix "grub-mkconfig not found" error.
    • WAB-9086: Update sudo package to fix the following security issues: CVE-2023-7090, CVE-2023-28486 and CVE-2023-28487.
    • WAB-9115: Fix trace integrity error when the RDP or SSH session was interrupted by a service restart.
    • WAB-9138: Fix inability to launch Session Probe if the Remote Desktop Connection window is minimized.
    • WAB-9169: Add the "secure" flag on the Superset session cookie (Dashboards).
    • WAB-9177: Fix failure in RDP authentication when multi-factor response can be empty.
    • WAB-9186: Fix CAL per Device license management when using multiple RDS in an application cluster.
    • WAB-9218: Fix retrieval of AD group membership information for a target account in an RDP session.
    • WAB-9230: Remove sensitive data from the debug log.
    • WAB-9302: Improve default startup configuration for WALLIX daemons.
    • WAB-9363: Fix an issue where permission on /var/wab/hash directories would not be set correctly after restoring a backup.
    • WAB-9375: Fix the absence of two csv reports in the daily reporting e-mail.
    • WAB-9403: Fix to automatically close primary sessions that are still open by error.
    • WAB-9466: Fix permission issue on /var/wab/backups.
    • WAB-9469: Fix permissions on recording files when moved to a SMB/CIFS remote storage.
    • WAB-9479: Remove Celery "broker" and "backend" options from the Web interface.
    • WAB-9481: Fix RAM indicator showing absurd values.
    • WAB-9486: Improve compatibility with HA database replication by reducing the size of the password generated for the database to 32 characters.
    • WAB-9492: Fix permission issue on the backup daemon socket.
    • WAB-9514: Improve approval display time for approvers on large LDAP directory.
    • WAB-9544: Update libnss3 package to fix the following security issues: CVE-2023-5388 and CVE-2024-0743.
    • WAB-9545: Fix of the cryptography initialization by bastion-init-crypto script to initialize account mapping domain.
    • WAB-9711: Fix access to an application outside authorized time frames.
    • WAB-9748: Fix a bug in which data retention was set to 35 days if it exceeded 365 days.
    • WAB-9756: Update python3.7 packages to version 3.7.3-2+deb10u7 to fix the following security issues: CVE-2023-6597 and CVE-2024-0450.
    • WAB-9763: Fix sending of the emergency credential recovery e-mail.
    • WAB-9798: Fix migration to 10.0.6 from 10.0.5 with patch-bastion-10.0.5-WAB-8039-fix-weak-access-controls.zip.
    • WAB-9804: Add option "LDAP case insensitive" in order to do case insensitivity checks for LDAP or Active Directory mappings. The performance of users listing is impacted by this option.
    • WAB-9818: Add extended mouse buttons support in RDP sessions.
    • WAB-9834: Fix wrong EHLO command by sending a correct hostname.
    • WAB-9963: Improve Filesystem Virtual Channel Manager to ignore malformed requests.
    • WAB-9966: Fix connection to database in script bastion-db-anonymizer.
    • WAB-9988: Fix profile addition by a limited administrator.
    • WAB-9998: Allow auditor with a restricted group to see accounts activities under their control.
    • WAB-9999: Add anonymization of authentication domains in script bastion-db-anonymizer.
    • WAB-10091: Fix maintenance page in Targets > Applications.
    • WAB-10167: Plan a single checkin task after multiple checkouts of the same account by the same user.
    • WAB-10217: Update WALLIX-PuTTY to version 0.81.1 to fix the following security issue: CVE-2024-31497.
    • WAB-10244: Improve backups by allowing a backup to happen while bastion-traceman is running.
    • WAB-10267: Update glibc package to version 2.28-10+deb10u3 and intel-microcode package to version 3.20240312.1~deb10u1 to fix following issues: CVE-2024-2961, CVE-2023-22655, CVE-2023-28746, CVE-2023-38575, CVE-2023-39368, CVE-2023-43490.

    Additional details

    Usage instructions

    See WALLIX Bastion quick Start Guide : https://marketplace-wallix.s3.amazonaws.com/Bastion-quickstart-en.pdf 

    Support

    Vendor support

    WALLIX customers with a valid maintenance contract benefit from technical support services available in English and French. With guaranteed response times and 24/7 availability, you're never left stranded without support from technical experts.

    Updates for the most recent version of the software are included in all support levels.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Get support

    Similar products

    WALLIX Bastion 12.0
    By WALLIX
    WALLIX Bastion consists of five major components that together form a solid cybersecurity posture of a mature Privileged Access Management solution: Session Manager, Password Manager (Vault), Access Manager, Privilege Elevation and Delegation Manager (PEDM) and Application to Application Password Manager (AAPM).
    View product
    WALLIX Access Manager 4.0
    By WALLIX
    WALLIX Access Manager is an optional feature of WALLIX Bastion. In the digital era with increasingly growing remote and decentralized workforce it is essential to control and audit external access to critical assets thus protecting against cyber threats. Access Manager offers a simple and light alternative to fat client solutions with a seamless user experience: system administrators continue to operate critical systems through SSH or RDP consoles embedded in a web browser. It contributes to reducing the TCO thanks to a seamless integration with existing IT systems and the absence of expensive VPN client. Access Manager is a centralized approach to managing external access which reduces attack surface to a single secured HTTPS entry point.
    View product

    Customer reviews

    Write a review

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    No customer reviews yet
    Be the first to write a review for this product.