PROVE IT Version 7 : Discover What's New

A few weeks ago, version 7 of our PROVE IT PAM solution was released. This update brings new features designed to deliver an even smoother user experience and strengthen privileged access security. Discover what's new in this article !

What our PROVE IT bastion host already offered

Since its creation in 2014, our PROVE IT bastion has gone through many evolutions to meet growing demands in terms of security and privileged access management. As a single entry point, it enables you to control and track all internal access (administrators, etc.) as well as external access (remote maintenance providers, contractors, etc.). It is built on a flexible licensing model and a solid, field-proven functional foundation.

A simple and scalable licensing model

Designed to support organisational growth, it sets no limit on the number of declared users or resources : the licensing model is based solely on the number of simultaneous sessions to devices, starting from 2 and then in increments of 5 (5, 10, 15 sessions, etc.), ensuring clear and scalable pricing. For greater flexibility, the licence is available as perpetual or subscription.

Unlike pricing approaches based on the number of declared users or devices, our model adapts to the actual usage of the solution. This helps keep costs under control by avoiding unnecessary over-licensing.

Thanks to this positioning, our solution stands out for its strong price competitiveness, both at initial deployment and over time, including during scale-up phases.

Our customers benefit from predictable, scalable, and particularly advantageous pricing, regardless of the volume of devices to be administered.

Three ranges tailored to organisational needs

• Standard: core bastion functional package
• Advanced, additionally including:
  • Authentication via RADIUS connector
  • REST API to automate frequent operations or integrate the bastion into your tools
  • Fine-grained segmentation of bastion administration rights by profile (operators/auditors)
• Cluster: Advanced range with load balancing across multiple nodes, designed for environments requiring more than 50 simultaneous sessions or with high availability requirements.

Key features of the PROVE IT bastion host

• Authentication via LDAP, including Active Directory
• MFA, including passkeys, to strengthen access security
• Remote access – Controlled internet exposure of the bastion via an independent module called the outpost
• Granular access policies for critical resources
• Secure vault for managing sensitive infrastructure accounts
• Complete access logging
• Recording and playback of actions performed by internal and external users
• Advanced event alerts and notifications (email, syslog, etc.)

Available as an option : active/passive architecture using a dedicated bastion instance for disaster recovery (DRP). In the event of unavailability of the primary bastion, the DRP bastion instance serves as a backup.

What's new in PROVE IT Version 7

Modernisation of the user web portal

> Multi-session from the same browser

Following feedback from our customers, the new version now allows multiple services to be opened within the same browser, making it easy to switch quickly between them.

User benefits:

• Increased productivity : Users can work on several services simultaneously without needing to open multiple browsers or separate windows.
• Smoother navigation : Switching from one service to another becomes fast and simple, directly within the same browser.

> Easy access to favourite services

Adding services to favourites in PROVE IT

Users can now choose to add the services they use regularly to their favourites.

User benefits :

• Day-to-day efficiency : Favourite services are visible at a glance as soon as the access portal is opened.

Easy bookmarking in the browser

A "copy URL" function has been added, allowing users to retrieve the direct access link to a service and easily bookmark it in their browser.

User benefits:

• Quick access to favourite services: Users can save their preferred services directly in their browser for instant access, maintaining their habits.
• Ease of use: Copying the URL and bookmarking it becomes a quick and intuitive action, with no complicated steps.

> Filtering by service group

Service groups defined by the PROVE IT administrator are now visible on the user portal.

User benefits:

• Time savings: Users quickly find the service they need without scrolling through a long list.
• Simplified navigation: Clear organisation by groups makes the portal more intuitive and pleasant to use.
• Suited to complex environments: In organisations with many services, this filtering allows the diversity and volume to be managed efficiently.

Primary authentication via SSH key

The principle is based on asymmetric encryption through the generation of a key pair, enabling SSH access that is more secure than a password.

The public key is stored in a directory (e.g. your AD or PROVE IT's internal directory). The private key is saved on a storage device of the user's choice (e.g. a local directory, a physical key).

Why use an SSH key to authenticate on our PROVE IT bastion? For enhanced security. Unlike a classic password, SSH keys are much harder to compromise. It is also possible to protect the private key by storing it on a physical security device (e.g. Yubikey, Neowave, Keopass, Nitrokey…).

SSH key authentication is the preferred method for authenticating SSH access. On a bastion, it becomes the first security barrier before any access to internal servers.

Benefits :

• Enhanced security
• A simplified day-to-day user journey, with fast and "transparent" passage through the bastion
• Automated actions passing through the bastion via SSH no longer expose passwords
• Operation suited to hybrid or multi-cloud environments

SSH key authentication transforms the bastion into a secure, auditable gateway. It is today considered a standard practice in secure infrastructures, drastically reducing the risks associated with password-based usage.

Migration to Ubuntu LTS 24.04, Pro licence

The operating system (OS) running PROVE IT is Ubuntu. PROVE IT V7 runs on Ubuntu version 24.04.

This version offers better compatibility with recent hardware (CPU/GPU/NVMe SSD/ARM/…) and the latest innovations in performance and security.

Ubuntu Pro licence:

Rubycat provides an Ubuntu Pro licence for each bastion instance.

Each application package making up the operating system is delivered as a package. This licence ensures that all packages are covered by security updates for at least 10 years. Ubuntu divides its packages into two categories:

• main (covered without Pro licence for 5 years, and with Pro licence for 10 years)
• universe (covered with Pro licence for 10 years)

More features are coming in this version 7, we'll share more details soon ! Contact us to find out more about PROVE IT and its latest updates :