SSH Priorities

All questions in this survey are optional. Answers are recorded by clicking the 'Thank You' button at the bottom.

Question Title

* 1. Can you briefly describe your software environment? (select all that apply)

microservicees

one public cloud

multiple public clouds

kubernetes

containers

PaaS (OpenShift, Cloud Foundry, etc.)

IoT & Edge Devices

Other (please specify)

Question Title

* 2. What Identity Provider(s) do you use?

Google Apps

Okta

GitHub

Active Directory

LDAP

Other (please specify)

Question Title

* 3. What is your approximate number of SSH Users & Hosts?

Windows users via Putty

Windows users via non-putty (i.e. OpenSSH)

Mac users

Linux users

Other users

Local hosts

AWS hosts

Azure hosts

Google Cloud hosts

Other hosts

Question Title

* 4. How are you managing user accounts on host machines today?

Everyone uses Root User (Individual access details captured at bastion / other)

We group users into Principals

Every user gets an account

Other (please specify)

Question Title

* 5. SSH Priorities - How would you like to deploy an SSH solution?

	Definitely	Maybe	Would Check Out	Not Interested
Run my own on my infrastructure	Run my own on my infrastructure Definitely	Run my own on my infrastructure Maybe	Run my own on my infrastructure Would Check Out	Run my own on my infrastructure Not Interested
Run my own in a public cloud	Run my own in a public cloud Definitely	Run my own in a public cloud Maybe	Run my own in a public cloud Would Check Out	Run my own in a public cloud Not Interested
As a cloud-based managed service	As a cloud-based managed service Definitely	As a cloud-based managed service Maybe	As a cloud-based managed service Would Check Out	As a cloud-based managed service Not Interested
As a managed service on my infrastructure	As a managed service on my infrastructure Definitely	As a managed service on my infrastructure Maybe	As a managed service on my infrastructure Would Check Out	As a managed service on my infrastructure Not Interested

Other (please specify)

Question Title

* 6. SSH Priorities - Please Choose Your Desired Access Control Combination

	User Access (who)	Access Role (as)	Host Access (to)
Ideal State	Ideal State User Access (who) menu	Ideal State Access Role (as) menu	Ideal State Host Access (to) menu
Minimum to Start	Minimum to Start User Access (who) menu	Minimum to Start Access Role (as) menu	Minimum to Start Host Access (to) menu

Other (please specify)

Question Title

* 7. SSH Priorities - Host Certificates

	Required - Can't proceed without	Required - Roadmap within next 6-month ok	Nice to have - would use but not required	Meh - not needed
Issue certs to cloud VMs	Issue certs to cloud VMs Required - Can't proceed without	Issue certs to cloud VMs Required - Roadmap within next 6-month ok	Issue certs to cloud VMs Nice to have - would use but not required	Issue certs to cloud VMs Meh - not needed
Issue certs to bare metal hosts (e.g. Linux server)	Issue certs to bare metal hosts (e.g. Linux server) Required - Can't proceed without	Issue certs to bare metal hosts (e.g. Linux server) Required - Roadmap within next 6-month ok	Issue certs to bare metal hosts (e.g. Linux server) Nice to have - would use but not required	Issue certs to bare metal hosts (e.g. Linux server) Meh - not needed
Issue certs for windows servers	Issue certs for windows servers Required - Can't proceed without	Issue certs for windows servers Required - Roadmap within next 6-month ok	Issue certs for windows servers Nice to have - would use but not required	Issue certs for windows servers Meh - not needed
Issue certs for SSH tunnels (e.g. connect to Database)	Issue certs for SSH tunnels (e.g. connect to Database) Required - Can't proceed without	Issue certs for SSH tunnels (e.g. connect to Database) Required - Roadmap within next 6-month ok	Issue certs for SSH tunnels (e.g. connect to Database) Nice to have - would use but not required	Issue certs for SSH tunnels (e.g. connect to Database) Meh - not needed
Issue certs to network equipment	Issue certs to network equipment Required - Can't proceed without	Issue certs to network equipment Required - Roadmap within next 6-month ok	Issue certs to network equipment Nice to have - would use but not required	Issue certs to network equipment Meh - not needed
Issue certs to embedded devices	Issue certs to embedded devices Required - Can't proceed without	Issue certs to embedded devices Required - Roadmap within next 6-month ok	Issue certs to embedded devices Nice to have - would use but not required	Issue certs to embedded devices Meh - not needed

Other types (please specify)

Question Title

* 8. SSH Priorities - User Certificates & Existing Identity Provider (IdP)

	Required - Can't proceed without	Required - Roadmap within next 6-month ok	Nice to have - would use but not required	Meh - not needed
Allow users to get certificates via single sign-on using existing IdP	Allow users to get certificates via single sign-on using existing IdP Required - Can't proceed without	Allow users to get certificates via single sign-on using existing IdP Required - Roadmap within next 6-month ok	Allow users to get certificates via single sign-on using existing IdP Nice to have - would use but not required	Allow users to get certificates via single sign-on using existing IdP Meh - not needed
Allow users to get certificates using PAM (supports passwords, LDAP, Kerberos, Duo, etc.)	Allow users to get certificates using PAM (supports passwords, LDAP, Kerberos, Duo, etc.) Required - Can't proceed without	Allow users to get certificates using PAM (supports passwords, LDAP, Kerberos, Duo, etc.) Required - Roadmap within next 6-month ok	Allow users to get certificates using PAM (supports passwords, LDAP, Kerberos, Duo, etc.) Nice to have - would use but not required	Allow users to get certificates using PAM (supports passwords, LDAP, Kerberos, Duo, etc.) Meh - not needed
Only allow particular groups of users to get certificates	Only allow particular groups of users to get certificates Required - Can't proceed without	Only allow particular groups of users to get certificates Required - Roadmap within next 6-month ok	Only allow particular groups of users to get certificates Nice to have - would use but not required	Only allow particular groups of users to get certificates Meh - not needed
Leverage existing IdP group definitions for access control	Leverage existing IdP group definitions for access control Required - Can't proceed without	Leverage existing IdP group definitions for access control Required - Roadmap within next 6-month ok	Leverage existing IdP group definitions for access control Nice to have - would use but not required	Leverage existing IdP group definitions for access control Meh - not needed
Define access control groups separately at the SSH CA	Define access control groups separately at the SSH CA Required - Can't proceed without	Define access control groups separately at the SSH CA Required - Roadmap within next 6-month ok	Define access control groups separately at the SSH CA Nice to have - would use but not required	Define access control groups separately at the SSH CA Meh - not needed
Restrict SSH access to particular hosts	Restrict SSH access to particular hosts Required - Can't proceed without	Restrict SSH access to particular hosts Required - Roadmap within next 6-month ok	Restrict SSH access to particular hosts Nice to have - would use but not required	Restrict SSH access to particular hosts Meh - not needed
SSH users must authenticate as themselves (vs. as a principal account like “ops” or “eng”)	SSH users must authenticate as themselves (vs. as a principal account like “ops” or “eng”) Required - Can't proceed without	SSH users must authenticate as themselves (vs. as a principal account like “ops” or “eng”) Required - Roadmap within next 6-month ok	SSH users must authenticate as themselves (vs. as a principal account like “ops” or “eng”) Nice to have - would use but not required	SSH users must authenticate as themselves (vs. as a principal account like “ops” or “eng”) Meh - not needed

Other (please specify)

Question Title

* 9. SSH Priorities - Audit Logging

	Required - Can't proceed without	Required - Roadmap within next 6-month ok	Nice to have - would use but not required	Meh - not needed
Certificate Issuances	Certificate Issuances Required - Can't proceed without	Certificate Issuances Required - Roadmap within next 6-month ok	Certificate Issuances Nice to have - would use but not required	Certificate Issuances Meh - not needed
Server Access	Server Access Required - Can't proceed without	Server Access Required - Roadmap within next 6-month ok	Server Access Nice to have - would use but not required	Server Access Meh - not needed
Session summary metrics (server, time, etc)	Session summary metrics (server, time, etc) Required - Can't proceed without	Session summary metrics (server, time, etc) Required - Roadmap within next 6-month ok	Session summary metrics (server, time, etc) Nice to have - would use but not required	Session summary metrics (server, time, etc) Meh - not needed
Detailed shell history	Detailed shell history Required - Can't proceed without	Detailed shell history Required - Roadmap within next 6-month ok	Detailed shell history Nice to have - would use but not required	Detailed shell history Meh - not needed
Session video recording	Session video recording Required - Can't proceed without	Session video recording Required - Roadmap within next 6-month ok	Session video recording Nice to have - would use but not required	Session video recording Meh - not needed

Other (please specify)

Question Title

* 10. SSH Priorities - Other Capabilities

	Required - Can't proceed without	Required - Roadmap within next 6-month ok	Nice to have - would use but not required	Meh - not needed
Directory services with host discovery	Directory services with host discovery Required - Can't proceed without	Directory services with host discovery Required - Roadmap within next 6-month ok	Directory services with host discovery Nice to have - would use but not required	Directory services with host discovery Meh - not needed
Daily removal of terminated accounts	Daily removal of terminated accounts Required - Can't proceed without	Daily removal of terminated accounts Required - Roadmap within next 6-month ok	Daily removal of terminated accounts Nice to have - would use but not required	Daily removal of terminated accounts Meh - not needed
Immediate access removal for terminated accounts (mins, not hours)	Immediate access removal for terminated accounts (mins, not hours) Required - Can't proceed without	Immediate access removal for terminated accounts (mins, not hours) Required - Roadmap within next 6-month ok	Immediate access removal for terminated accounts (mins, not hours) Nice to have - would use but not required	Immediate access removal for terminated accounts (mins, not hours) Meh - not needed
Hardware Security Module (HSM) support	Hardware Security Module (HSM) support Required - Can't proceed without	Hardware Security Module (HSM) support Required - Roadmap within next 6-month ok	Hardware Security Module (HSM) support Nice to have - would use but not required	Hardware Security Module (HSM) support Meh - not needed
Long-lived SSH user support (i.e. scripts or services)	Long-lived SSH user support (i.e. scripts or services) Required - Can't proceed without	Long-lived SSH user support (i.e. scripts or services) Required - Roadmap within next 6-month ok	Long-lived SSH user support (i.e. scripts or services) Nice to have - would use but not required	Long-lived SSH user support (i.e. scripts or services) Meh - not needed
Emergency backup access in case CA goes down	Emergency backup access in case CA goes down Required - Can't proceed without	Emergency backup access in case CA goes down Required - Roadmap within next 6-month ok	Emergency backup access in case CA goes down Nice to have - would use but not required	Emergency backup access in case CA goes down Meh - not needed

Other (please specify)

Question Title

* 11. Anything else you would like to share to help us prioritize our roadmap?

Question Title

* 12. Complete if you would like a thank you gift from smallstep

Name

Company

Mailing address 1

Mailing address 2

Question Title

* 13. Enter your email if you wish to be added to the smallstep mailing list.

Email Address