With the proliferation of cloud services being used by both our customers and partners, we are getting dramatically increased pressure to allow outbound (internally initialed) SSH access between our company and these various customer and partner systems that are running on cloud services. We have no issue with using SSH for terminal access, but are concerned because of how SSH can be used to tunnel traffic.
I understand that what makes SSH problematic to inspect is that it’s based on self-signed certificates, rather than PKI, so you can’t do decryption inspection like you can with a typical browser/HTTP access.
Are others in this community facing this same dilemma? Should we be overly concerned about this? What are some ways that we can provide the access that is being requested as securely as possible?
I would appreciate any and all suggestions... whether or not this advice is purely based on CheckPoint policy/configuration or some other solution.
Thank you,
Mike