BastionZero is a powerful and secure zero trust remote infrastructure access control solution designed to simplify and enhance the management of remote access to your backend systems. If you're considering replacing your legacy remote access tools like SSH with BastionZero, you can easily evaluate the platform by running BastionZero's free account alongside your existing SSH setup.
One of the key benefits of BastionZero is that it can be used at the same time as traditional SSH without any issue. This makes it simple and risk-free to evaluate and adopt BastionZero in your existing environment. You can maintain your existing SSH workflows while gradually discovering the powerful features and added security that BastionZero offers as an SSH alternative.
In this blog post, we'll guide you through the process of running BastionZero alongside SSH, allowing you to evaluate the platform's features and benefits, and make a well-informed decision about how you want to handle remote access moving forward. You can find a comprehensive guide to connecting to a Linux host using BastionZero’s platform here, but the general idea follows below.
Step 1: Sign up for a BastionZero account
The first step to using BastionZero is to sign up for a free account. You can do this by logging in with either a Google or Microsoft account. Visit https://www.bastionzero.com/ and click on the "Get Free Account" button to begin the registration process. This free account will give you access to 10 targets for up to 3 users.
Step 2: Deploy the BastionZero Agent
Once you've created your account, you'll need to deploy the BastionZero Agent on your infrastructure targets (e.g., servers, containers or clusters). The agent enables secure and efficient remote access to your targets. Follow the detailed instructions on the BastionZero documentation page to deploy the agent.
Step 3: Install the ZLI (BastionZero’s Command Line Interface)
After deploying the agent, you'll need to install the ZLI on your local machine. The ZLI acts as a command-line interface for interacting with BastionZero, managing your remote access and connecting to targets. Follow the installation guide to set up the ZLI on your system.
Step 4: Create an Access Policy
To manage and control access to your infrastructure targets, you'll need to create an access policy within BastionZero. Access policies define user permissions and specify the resources users can access. To create an access policy, follow the steps outlined in the BastionZero documentation. Once you’ve configured a policy, you can establish a connection using the ZLI.
As you become familiar with BastionZero, you'll start to appreciate its advantages as an SSH alternative and may decide to fully transition your remote access processes to BastionZero, eventually deprecating SSH for a more secure and efficient solution.
There are many benefits of using BastionZero over legacy SSH:
- Enhanced security: BastionZero employs a zero-trust security model, eliminating the need for long-lived credentials held by users or clients. This reduces the risk of unauthorized access and increases the overall security of your infrastructure.
- Fine-grained access control: The platform allows engineers to authenticate directly to each target, enabling you to restrict lateral movement and exercise precise control over which roles each engineer can access on each target.
- Reduced operational overhead: BastionZero is an always-on cloud service, which means it requires less operational maintenance than traditional jump hosts.
- Automatic integration with Single Sign-On (SSO) providers: BastionZero simplifies user management by seamlessly integrating with your existing SSO provider.
- Comprehensive logging and monitoring: The platform logs and monitors remote access by users or their scripts, allowing you to keep a close eye on all activity within your infrastructure.
- Cloud-agnostic remote access: BastionZero supports remote access to infrastructure targets in any cloud or data center, providing flexibility for diverse infrastructure setups.
- Ease of use: BastionZero is user-friendly and easy to deploy, with features like auto-discovery of targets that streamline the process of setting up and managing access to your infrastructure.
In summary, you can easily evaluate BastionZero's free account alongside legacy remote access tools like SSH, allowing you to compare the two solutions and make an informed decision about what works best for your organization without having to make any major modifications to your current infrastructure access processes.