{"id":40131,"date":"2025-11-19T12:22:42","date_gmt":"2025-11-19T11:22:42","guid":{"rendered":"https:\/\/relnet.hu\/?p=40131"},"modified":"2025-11-19T12:22:42","modified_gmt":"2025-11-19T11:22:42","slug":"a-privx-ot-a-kuppingercole-szerint-is-a-biztonsagos-tavoli-hozzaferes-bajnoka","status":"publish","type":"post","link":"https:\/\/relnet.hu\/en\/a-privx-ot-a-kuppingercole-szerint-is-a-biztonsagos-tavoli-hozzaferes-bajnoka\/","title":{"rendered":"A PrivX OT a KuppingerCole szerint is a biztons\u00e1gos t\u00e1voli hozz\u00e1f\u00e9r\u00e9s bajnoka"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-40132\" src=\"https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min.png\" alt=\"\" width=\"1440\" height=\"557\" srcset=\"https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min.png 1440w, https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min-300x116.png 300w, https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min-1024x396.png 1024w, https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min-768x297.png 768w, https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min-200x77.png 200w, https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min-150x58.png 150w, https:\/\/relnet.hu\/wp-content\/uploads\/2025\/11\/ssh-kuppinger-sra-overall-min-480x186.png 480w\" sizes=\"auto, (max-width:767px) 480px, (max-width:1440px) 100vw, 1440px\" \/><\/p>\n<p>A PrivX OT az SSH ipari t\u00e1voli \u00e9s privilegiz\u00e1lt hozz\u00e1f\u00e9r\u00e9skezel\u0151 (PAM) platformja, amelyet a gy\u00e1rt\u00f3 IT\/OT konvergenci\u00e1ra tervezett. C\u00e9lja, hogy a kritikus infrastrukt\u00far\u00e1khoz t\u00f6rt\u00e9n\u0151 t\u00e1voli hozz\u00e1f\u00e9r\u00e9st biztons\u00e1gosan, audit\u00e1lhat\u00f3an \u00e9s szab\u00e1lyozottan tegye lehet\u0151v\u00e9 elosztott ipari k\u00f6rnyezetekben.<\/p>\n<h5>A PrivX OT f\u0151 k\u00e9pess\u00e9gei<\/h5>\n<ul>\n<li><strong>Telep\u00edt\u00e9si m\u00f3dok:<\/strong> on-prem, felh\u0151, Kubernetes, s\u0151t, \u201eair-gapped\u201d h\u00e1l\u00f3zatokon is m\u0171k\u00f6dik.<\/li>\n<\/ul>\n<ul>\n<li><strong>Jelsz\u00f3 \u00e9s kulcs n\u00e9lk\u00fcli hozz\u00e1f\u00e9r\u00e9s<\/strong> r\u00f6vid \u00e9lettartam\u00fa, efemer tan\u00fas\u00edtv\u00e1nyokkal, Just-In-Time \u00e9s Just-Enough Access vez\u00e9rl\u00e9ssel.<\/li>\n<li><strong>Zero Trust \u00e9s mikroszegment\u00e1l\u00e1s<\/strong>: folyamatos ellen\u0151rz\u00e9s, dinamikus szab\u00e1ly\u00e9rv\u00e9nyes\u00edt\u00e9s, finomhangolt jogosults\u00e1gok konkr\u00e9t eszk\u00f6z\u00f6kre, szolg\u00e1ltat\u00e1sokra.<\/li>\n<li><strong>Sz\u00e9lesk\u00f6r\u0171 protokollt\u00e1mogat\u00e1s<\/strong>: SSH, RDP, VNC, HTTPS; OT-protokollok k\u00f6z\u00fcl Modbus, OPC UA, DNP3.<\/li>\n<li><strong>Agentless architekt\u00fara, <\/strong>amely legacy OT-rendszerekben is biztons\u00e1gos, kontroll\u00e1lt el\u00e9r\u00e9st biztos\u00edt.<\/li>\n<li><strong>Napl\u00f3z\u00e1s \u00e9s visszaj\u00e1tsz\u00e1s<\/strong>: \u00e9l\u0151 munkamenet-megfigyel\u00e9s, vide\u00f3s r\u00f6gz\u00edt\u00e9s, f\u00e1jlmozg\u00e1sok k\u00f6vet\u00e9se; SIEM-integr\u00e1ci\u00f3 syslog\/CEF form\u00e1tumban, auditnyom.<\/li>\n<li><strong>Kvantumbiztos megold\u00e1s<\/strong>: el\u0151retekint\u0151 v\u00e9delem a hossz\u00fa t\u00e1v\u00fa megfelel\u0151s\u00e9ghez \u00e9s kock\u00e1zatcs\u00f6kkent\u00e9shez.<\/li>\n<li><strong>Gyors \u00fczembe \u00e1ll\u00edt\u00e1s \u00e9s automatiz\u00e1ci\u00f3<\/strong>: REST API-k, eszk\u00f6z-felfedez\u00e9s, dinamikus JIT (Just in Time) kapcsolatok, gy\u00e1rt\u00f3i hozz\u00e1f\u00e9r\u00e9sek dedik\u00e1lt kezel\u00e9se.<\/li>\n<li><strong>Er\u0151s identit\u00e1sintegr\u00e1ci\u00f3<\/strong>: Microsoft Entra ID, LDAP, OIDC; ABAC\/PBAC alap\u00fa, r\u00e9szletes h\u00e1zirendek; eszk\u00f6z\u00e1llapot ellen\u0151rz\u00e9se.<\/li>\n<li><strong>Titkos\u00edt\u00e1s \u00e9s kulcskezel\u00e9s<\/strong>: TLS 1.3, PFS, mTLS, k\u00f6zpontos\u00edtott kulcsmenedzsment, HSM-integr\u00e1ci\u00f3; felhaszn\u00e1l\u00f3k \u00e9s IoT-eszk\u00f6z\u00f6k tan\u00fas\u00edtv\u00e1nyos azonos\u00edt\u00e1sa.<\/li>\n<li><strong>Magas rendelkez\u00e9sre \u00e1ll\u00e1s<\/strong>: akt\u00edv-akt\u00edv klaszterez\u00e9s, f\u00f6ldrajzilag elosztott helyre\u00e1ll\u00edt\u00e1s (DR); kb. 30 m\u00e1sodperces \u00e1t\u00e1ll\u00e1s.<\/li>\n<li><strong>Megfelel\u00e9s t\u00e1mogat\u00e1sa<\/strong>: FIPS 140-3, ISO 27001, EU Cybersecurity Act; GDPR\/NIS2 incidens-bejelent\u00e9si ig\u00e9nyek t\u00e1mogat\u00e1sa (72 \u00f3ra), IoT-hozz\u00e1f\u00e9r\u00e9si napl\u00f3z\u00e1s.<\/li>\n<\/ul>\n<p>A PrivX OT b\u00f6ng\u00e9sz\u0151alap\u00fa fel\u00fcleten teszi egyszer\u0171v\u00e9 az \u00fczemeltet\u00e9st, mik\u00f6zben \u00fcgyn\u00f6kprogram n\u00e9lk\u00fcl vez\u00e9relhet\u0151 a t\u00e1voli el\u00e9r\u00e9s az ipari h\u00e1l\u00f3zat \u00e9rz\u00e9keny c\u00e9lpontjaihoz is. A szerepk\u00f6r, attrib\u00fatum alap\u00fa hozz\u00e1f\u00e9r\u00e9s, az efemer tan\u00fas\u00edtv\u00e1nyokkal vez\u00e9relt JIT, a mikroszegment\u00e1l\u00e1s \u00e9s a r\u00e9szletes session-napl\u00f3z\u00e1s egy\u00fctt minimaliz\u00e1lja a kitetts\u00e9get, \u00e9s sk\u00e1l\u00e1zhat\u00f3an biztos\u00edtja a k\u00fcls\u0151 hozz\u00e1f\u00e9r\u00e9seket is. A platform SIEM-ekkel \u00e9s megl\u00e9v\u0151 IAM\/IGA rendszerekkel nat\u00edvan egy\u00fcttm\u0171k\u00f6dik, \u00edgy gyorsan illeszthet\u0151 a megl\u00e9v\u0151 biztons\u00e1gi \u00f6kosziszt\u00e9m\u00e1ba.<\/p>\n<p><strong>A KuppingerCole jelent\u00e9se szerint a PrivX OT k\u00fcl\u00f6n\u00f6sen er\u0151s az al\u00e1bbiakban:<\/strong><\/p>\n<ul>\n<li>Jelsz\u00f3- \u00e9s kulcsmentes hozz\u00e1f\u00e9r\u00e9s efemer tan\u00fas\u00edtv\u00e1nyokkal<\/li>\n<li>Rugalmas telep\u00edt\u00e9s (Kubernetes, air-gapped)<\/li>\n<li>M\u00e9ly IAM\/IGA integr\u00e1ci\u00f3, ABAC\/PBAC h\u00e1zirendek<\/li>\n<li>Zero Trust, dinamikus h\u00e1zirend-\u00e9rv\u00e9nyes\u00edt\u00e9s<\/li>\n<li>Kvantumbiztos<\/li>\n<li>Mikroszegment\u00e1l\u00e1s, finomhangolhat\u00f3 jogosults\u00e1gszab\u00e1lyoz\u00e1s<\/li>\n<li>Agentless hozz\u00e1f\u00e9r\u00e9s legacy OT-rendszerekhez<\/li>\n<li>Munkamenet-r\u00f6gz\u00edt\u00e9s \u00e9s r\u00e9szletekbe men\u0151 audit<\/li>\n<li>Egyszer\u0171 SIEM-integr\u00e1ci\u00f3<\/li>\n<\/ul>\n<p>A PrivX OT nagyv\u00e1llalati \u00e9s k\u00f6z\u00e9pv\u00e1llalati szerepl\u0151knek aj\u00e1nlott kritikus infrastrukt\u00far\u00e1ban, ipari k\u00f6rnyezetekben, ahol a t\u00e1voli adminisztr\u00e1ci\u00f3, a besz\u00e1ll\u00edt\u00f3i hozz\u00e1f\u00e9r\u00e9s \u00e9s az IT\/OT konvergencia biztons\u00e1g\u00e1t Zero Trust elvek szerint, \u00fcgyn\u00f6k n\u00e9lk\u00fcl, audit\u00e1lhat\u00f3an kell megoldani.<\/p>\n<p>Ha ipari rendszereinek t\u00e1voli hozz\u00e1f\u00e9r\u00e9s\u00e9t modern, kvantumbiztos, \u00fcgyn\u00f6k n\u00e9lk\u00fcli PAM\/SRA megold\u00e1ssal szeretn\u00e9 fel\u00fcgyelni \u00e9s audit\u00e1lni, a PrivX OT a legjobb v\u00e1laszt\u00e1s. Keresse a RelNet munkat\u00e1rsait bizalommal!<\/p>\n<h5>Forr\u00e1s<\/h5>\n<p><a href=\"https:\/\/info.ssh.com\/kuppingercole-secure-remote-access-for-ot-ics-leadership-compass-ssh-privx\" target=\"_blank\" rel=\"noopener\">KuppingerCole Leadership Compass: Secure Remote Access for OT\/ICS<\/a><\/p>\n<h5>Kapcsol\u00f3d\u00f3 tartalom<\/h5>\n<p><a href=\"https:\/\/relnet.hu\/kepzesek\/valaszthato-kepzeseink\/?catid=2495\" target=\"_blank\" rel=\"noopener\">SSH Communications Security k\u00e9pz\u00e9sek a Relnet eLearning programban<\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A KuppingerCole legut\u00f3bbi Leadership Compass kiadv\u00e1nya az OT\/ICS Secure Remote Access megold\u00e1sok k\u00f6z\u00f6tt kiemeli az SSH Communications Security PrivX OT platformj\u00e1t. A PrivX OT kifejezetten ipari k\u00f6rnyezetekre k\u00e9sz\u00fclt PAM megold\u00e1s: jelsz\u00f3- \u00e9s kulcsmentes hozz\u00e1f\u00e9r\u00e9st, Zero Trust alap\u00fa jogosults\u00e1gkezel\u00e9st, mikroszegment\u00e1l\u00e1st \u00e9s r\u00e9szletes napl\u00f3z\u00e1st biztos\u00edt \u00fcgyn\u00f6kprogram telep\u00edt\u00e9se n\u00e9lk\u00fcl.<\/p>\n","protected":false},"author":2089,"featured_media":40135,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[658],"tags":[4799,2378,1744,2325,3609,205,326],"yst_prominent_words":[],"class_list":["post-40131","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ssh-com","tag-ics","tag-kuppingercole","tag-ot","tag-pam","tag-privx-ot","tag-ssh","tag-zero-trust"],"_links":{"self":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/40131","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/users\/2089"}],"replies":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/comments?post=40131"}],"version-history":[{"count":2,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/40131\/revisions"}],"predecessor-version":[{"id":41637,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/40131\/revisions\/41637"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media\/40135"}],"wp:attachment":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media?parent=40131"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/categories?post=40131"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/tags?post=40131"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/yst_prominent_words?post=40131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}