The new real-time alerting and blocking feature of Shell Control BoxTM 3 F4 activity monitoring appliance prevents malicious user activities, either external or internal, even those initiated by users with the highest privileges

New YorkFebruary 12, 2013Balabit IT Security, a global leader in the development of privileged activity monitoring, trusted logging and proxy-based gateway technologies announced the latest version of its Shell Control BoxTM (SCB). SCB is an activity monitoring appliance that controls privileged access to remote servers and networking devices and records activities in movie-like audit trails that can be searched and replayed. Standard reports can be generated to comply with a variety of data security regulations. The new real-time alerting and blocking functionality of SCB 3 F4 prevents malicious activities, either external or internal, even those initiated by system administrators or other privileged users.

Cybercrimes are on the rise and sensitive corporate information is one of the top targets of external and internal attacks. Most of organizations are well prepared to protect their data with firewalls, IPS, IDS, DLP, IAM, SIEM and other systems, but not against internal threats. It is no coincidence that several compliance regulations, such as PCI-DSS (Chapter 10.), specify rules for monitoring the activities of employees, especially those having privileged rights. The most costly and dangerous cyber-attacks are made by malicious privileged users, as they know the weak points of IT systems, and have an idea what to look for  and where to find it.

Zoltán Györkő, CEO of Balabit IT Security said, “We closed an important gap in the global network security market by developing the real-time alerting and blocking feature in SCB, a unique feature in the Privileged Account Activity Management (PAAM) product category. With the latest SCB features, financial institutions, telecom companies and other organizations facing strict compliance requirements  now can pass audits more easily by  analyzing any text (admin commands, credit card numbers, etc.) that appear on the user’s screen. In case of suspicious user action, SCB can send real time alerts, or can terminate the connection immediately on the network layer. For example, SCB can block a connection before a harmful administrator command is executed. This functionality helps to prevent malicious user activities as they happen instead of just recording or reporting them. Consequently, organizations can avoid costly troubleshooting and forensics investigations.”

Key new features of Shell Control Box 3 F4:

Balabits Shell Control Box (SCB)
Shell Control Box (SCB) is an activity monitoring appliance that controls access to remote servers, virtual desktops, or networking devices, and records the activities of the users accessing these systems. For example, it records system administrators while they configure your database servers through SSH, or your employees make transactions using thin-client applications in VMware View. The recorded audit trails can be replayed like a movie to review the events exactly as they occurred. The content of the audit trails is indexed to make searching for events and automatic reporting possible. SCB is especially suited to supervise privileged-user access as mandated by many compliance requirements, like PCI-DSS. It is an external, fully transparent device, completely independent from the clients and the servers. The server- and client applications do not have to be modified in order to use SCB; it integrates smoothly into the existing infrastructure. For more information, please visit Shell Control Box product page.


Supporting Resources


About Balabit
Balabit IT Security is an innovative information security company, a global leader in the development of privileged activity monitoring, trusted logging and proxy-based gateway technologies to help protect customers against internal and external threats and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.
Balabit is also known as “the syslog-ng company”, based on the company’s flagship product, the open source log server application, which is used by more than 850 000 companies worldwide and became the globally acknowledged de-facto industry standard.
Balabit, the fastest-growing IT Security software developer company in the Central European region according to the latest Deloitte Technology Fast 50 list, has local offices in France, Germany, Italy, Russia, and in the USA, and cooperates with partners worldwide. Our R&D and global support centers are located in Hungary, Europe.
For more information, visit


The syslog-ng™, the syslog-ng Store Box™, the Shell Control Box™ and the Zorp™ as well as the Balabit™ names are registered trademarks of Balabit IT Security. All other product names mentioned herein are the trademarks of their respective owners.

For more information, please contact:
Andrea Ipolyi
PR manager
Balabit IT Security
phone: +36 1 398 6700

Walter Caon
Balabit USA
410 Park Avenue 15th Floor Suite 1500
New York, 10022
phone: +1 917 546 6715