Keeper 101 | Enterprise - Keeper Connection Manager With Remote Browser Isolation On-premise
Keeper Connection Manager, is a Zero-Knowledge and Zero-Trust platform that provides instant, secure and effortless access to your infrastructure and desktops from any device. Keeper Connection Manager is an agentless remote desktop gateway that can be installed in any on-premise or cloud environment.
Keeper Connection Manager was built by the original creators of Apache Guacamole, a widely used open source remote access gateway with millions of installs. Guacamole's proven technology and active development community provides customers with a high level of trust.
Here's how it works. Keeper Connection Manager is easily installed into your environment as either a docker container or as a service on any CentOS or Red Hat Enterprise Linux machine. The platform is 100% clientless, agentless and browser-based, which means that you don't need to install anything on your endpoints or target systems. Access can be controlled through many different methods including SSO, Active Directory, password, MFA, firewall rules and client certificates - even passwordless.
To access a remote system, The end-user accesses their desktops through a web browser which makes it accessible from any computer, tablet or mobile device.
For privileged sessions, the platform allows you to set up remote sessions for users without exposing the credentials to the user. Session videos and keystrokes can be recorded for auditing purposes, and there's a ton of flexibility in how you can configure the remote sessions. You can even share sessions between multiple users, providing many flexible use cases and workflows.
In the simplest use case, you can replace your existing VPN and legacy remote desktop tools.
Users just login to Keeper Connection Manager and then instantly access their desktops and systems with one click. It's all through a web browser so the user experience is super simple. The remote session is very fast and responsive.
Desktop access works with RDP or VNC protocols, so it's compatible with any type of Windows, Mac or Linux system.
For terminal-based sessions, the SSH experience is just as simple and responsive.
The SSH connection type behaves just as if you were sitting on the physical machine.
For web-based access, Remote Browser Isolation sessions are almost indistinguishable from using the native browser.
As you can see, the user doesn't need to know the credentials to login to the remote system. It's completely managed by Keeper.
You can switch between multiple active connections by clicking on the thumbnail here. Switching between desktops is instant.
You can tile multiple connections in the same window. I'll open 4 different connections to different endpoints just by multi-selecting them here.
I can even execute the same terminal commands in all of the systems at once.
Connections can be shared among team members. This is helpful in situations where you need to collaborate on the same session, or if you just need to monitor usage. You can join existing sessions from the "Active Sessions" screen....
Or, you can share your session with an outside user, such as a contractor, with a Share link.
Login sessions can be recorded, audited and played back by the administrator. Video of every mouse movement, keystroke and user interaction is captured for auditing purposes.
For privileged sessions, Keeper Connection Manager integrates with Keeper Secrets Manager. This allows the Admin to manage and protect the privileged account credentials in the Keeper Vault, and carve out specific records and folders that the connection manager can access. When a user is granted access to a remote session, the credentials are never exposed to the user. That's managed between Keeper Connection Manager and the Keeper Vault. Everything is protected with zero-trust and zero-knowledge security under multiple layers of encryption.
The Remote Browser Isolation connection type provides secure access to internal or cloud-based web applications through a rendered, isolated browser experience. The website's code never executes locally on the user's device, so the user is immune to many different types of attack vectors.
Web-based connections are established through a chromium engine that is projected through the user's browser. Each connection can be associated with a specific web app, or it can be configured to allow broader web browsing within a specified list of allowed domains.
Remote Browser Isolation sessions also provide the capability of auto filling credentials into login screens, submitting forms and other automations. The credentials are never sent to the user's device -- they are auto-filled from the KCM container and visually projected through the user's web browser.
The login credentials can be supplied directly in the user interface, or they can be provided as a reference to a record from the Keeper vault.
To speak to a Keeper solutions engineer or start a trial of Keeper Connection Manager, visit keeper.io/contact