VShell is a secure alternative to Telnet and FTP that gives you the strong encryption, trusted authentication, and data integrity you need to securely access network resources and transfer data.
VShell is simple to install and set up, enabling you to quickly deploy and fine tune your server environment to comply with internal policies and external regulations. Provide secure remote access to the network for IT and end users, securely configure and maintain servers and network services, and deliver secure file transfer services with confidence.
VShell's extensive configuration options and trusted authentication methods give you the right balance between protecting your network and providing your employees and customers with access to the data they need.
Using fine-tuned configuration options like access control lists (ACLs) and virtual directory structures, enforce your security policy by placing safeguards on all personnel who have access to the VShell server. Using "triggers" initiates protective or corrective measures if it looks like a security problem is developing.
The VShell server is available in several editions so that you can use a modular approach to deploy cost-effective solutions that fit your needs. The VShell server can be licensed to meet the needs of every size network and organization, from single admin-only server access to enterprise-wide remote access, secure file transfer, and data tunneling solutions.

Multiple virtual root directories:
· The VShell virtual root capability lets you assign different root directory access points to users or groups.
Windows account integration:
· Native integration with Windows user accounts and groups (local and domain). Control access to VShell functionality.
Access control:
· Grant access to VShell services by authorized users or groups. On an individual or group basis, allow or deny access to VShell services such as shell, SCP, SFTP, FTPS, and port forwarding.
Authentication choices:
· Choose from a number of authentication mechanisms including public key, Kerberos, and X.509 digital certificates to create a more secure two-factor authentication strategy. (X.509 support is not available for Mac OSX and FreeBSD.)
FTPS option:
· Choose between Secure Shell SSH2 and FTP over SSL according to your network standards.
SCP file transfers:
· SCP file transfers using clients operating as a secure RCP replacement that forwards a remote execution request to SCP over SSH2 (not SFTP). Honors settings for logging, ACLs, and SFTP roots.
Automated secure file transfers:
· Use vcp, vsftp, vsh, or any SFTP or SCP2 clients to automate and schedule unattended file transfers.
Internal User Database:
· Configure VShell-specific users through the VShell Control Panel User Database page. These VShell-defined users are separate from Windows System accounts.
Administer servers remotely and securely:
· Securely access and administer web, mail, database, and application servers.
Accomplish common administrative tasks:
· With existing secure shell utilities, add new users to the network, check print queues, and control services. Use text-oriented editors (e.g., EDIT and vi) to edit files on the remote system.
RunAs Commands:
· Give VShell users permission to remotely execute commands as a different user without full admin privileges. The administrator controls who can remotely execute commands, which commands are executed, and what account is used.
· Start unattended batch jobs VShell support for remote command execution allows unattended jobs to be started with any Secure Shell (SSH2) client.
SSH2 support:
· VShell SSH2 support offers cross-platform security when connecting from remote clients for shell, file transfer, or port forwarding access. Connect with Secure Shell clients including SecureCRT, SecureFX, and a wide variety of other standard tools.
Data encryption:
· Encrypt the data using a wide selection of ciphers including 3DES, Twofish, Blowfish, AES-128, AES-192, and AES-256. RSA and DSA public-key authentication methods are also supported.
Data integrity:
· Message authentication codes (MACs) protect the integrity of each message sent over the network (preventing replay or insertion attacks).
Data compression:
· Configurable data compression helps improve transfer speeds over slower network links.
Host identity verification:
· Unique server host key proves its identity to a client as a "known" host (preventing a man-in-the-middle attack).
Port forwarding:
· Forward TCP/IP ports to securely access standard data traffic like POP3 and SMTP over the internet and intranets through a single, secure, multiplexed channel.
Deny Host file:
· VShell for Windows now tracks failed authentications by IP address. Once an IP address has been added to the Deny Hosts file, VShell will not allow future connections from that address.
Jail shell:
· Two configuration options, ChrootUsers and ChrootGroups, combine to restrict users and members of groups to their home directory with any shell, SFTP, or subsystem operation.
IPv6 support:
· Transparent support for IPv6 allows you to move to the new protocol whenever you are ready. (If you need IPv6 support for AIX 4.3 or HP-UX 11 - let us know).
Pass-through printing support:
· Pass-through printing allows a remote host program to print on the printer attached to your local terminal (or PC running terminal emulation).
Command-line utilities:
· Automate routine tasks using command-line utilities: vsftp for an interactive SFTP command line, vsh for command-line shell access, vcp for command-line file transfer, vkeygen to generate public/private keys, and vpka to upload keys to the server.
Mouse support:
· VShell provides mouse support for character-based applications running in a command window.
General server configuration:
· Configure general server options like listening port, keepalives, idle timeout period, and command shell.
Windows Control Panel:
· Configure VShell for maximum security through an easy-to-use graphical control panel.
VShellConfig utility:
· A Windows command-line utility that allows editing of virtual roots, access control lists (ACLs), and the VShell user database. VShellConfig can import and export configurations to save time when backing up or moving VShell.
Filters:
· Configure which hosts can connect by IP address, hostname, or netmask; configure which port forwarding requests are allowed.
Idle timeout option:
· Allows timing out sessions after a configurable idle time.
Secure user authentication:
· Control access to servers and networks using existing usernames and passwords or choose other enterprise-wide authentication methods.
Authentication settings:
· Configure authentication options by limiting the number of failed attempts, setting a timeout period for completed authentications, and setting the required authentication methods.
Allowed/required list for authentication methods:
· Specify which authentication methods are allowed or required when users connect to the server: password, public key, GSSAPI or keyboard authentication.
Kerberos v5 authentication via GSSAPI:
· Kerberos via GSSAPI increases interoperability while enhancing the security of enterprise-wide network authentication.
Public key-only authentication:
· Automate unattended file transfers and batch jobs. Can also streamline logon process for users.
Keyboard interactive authentication:
· Keyboard-interactive allows you to customize authentication using PAM plugins. PAM plugins can, for example, enable password expiration enforcement policies or the use of SecurID cards.
RADIUS server support for SecurID authentication:
· VShell for Windows allows authentication through RADIUS servers using SecurID or other methods. RADIUS support is implemented through keyboard-interactive authentication.
X.509 certificate authentication method:
· Comply with organization-wide PKI policies designed to protect critical information and overcome identity theft and electronic fraud.
Server message logging:
· Selected server messages may be logged in the VShell log file, sent to the Windows system log or a remote syslog/syslog-ng server. Message groups include errors, warnings, informational, connection, authentication, SFTP, port forward, debug, LSA, and FTPS.
Windows event log:
· VShell error and warning messages as well as selected other message groups are sent to the system event log.
syslog support:
· All log messages can be sent to a remote syslog or syslog-ng server.
W3C logging option:
· The W3C extended log file format option allows the use of third party log tools to analyze VShell activity.
Automation triggers:
· Configurable trigger conditions allow automated responses to server events: login, logout, upload, and download, also file/folder create, delete, and rename.
FIPS 140-2 support:
· VShell uses a FIPS 140-2 validated cryptographic library. VShell can be installed in "FIPS Mode", which allows only FIPS-approved algorithms.

Requirements:
· Pentium 200
· 64 MB RAM

Limitations:
· 30 days evaluation period
· Nag screen

What's New in This Release:
Bug fixes:
· The License wizard could not be started from the VShell evaluation dialog.
· VShell FTPS: Port data connections would not always originate from the correct IP on machines that have multiple network interfaces or multiple IP addresses.