Transporter: Simple Remote Access
Raxis Transporter is our platform for remote security services at client locations. It allows us an unrestricted connection to on-site network resources. With full access, Raxis engineers are able to perform penetration testing, risk assessments, and incident response. Work performed via Transporter is PCI, HIPAA, NERC CIP, and SOX compliant for internal penetration testing.
Running Debian Linux on BeagleBone Black hardware, Transporter uses a custom configuration of OpenVPN to build a tunnel back to the Raxis Cloud. Our self-hosted Raxis Cloud serves only Raxis customers with hardware hosted exclusively in our Atlanta data center.
"With multiple locations to test, I can't imagine doing this with anything else."
-VP/CISO of an International Hotel Company
Many Locations? No Problem.
Raxis Transporter provides a cost effective way to reach multiple in-scope locations, such as bank branches, hotels, and medical facilities.
Critical Data Exfiltrated
from 85% of our Clients
What if your threat orginates from the inside? Know what's possible using Raxis Transporter, yielding the same results as an on-site penetration tester.
Easy On, Easy Off
Using your network DHCP, Transporter self-configures and securely provides access to Raxis. When we're done, simply unplug. Keep the device for your next test!
Meets Regulatory Requirements
Since regulations drive a significant amount of the need for penetration testing and risk assessments, engagements using Raxis Transporter are 100% compliant with NIST 800-115, PCI, HIPAA, and NERC CIP guidelines for testing. Ask for more information regarding our remote penetration testing process and how we can reach your in-scope network, no matter where it is in the world.
No Attack Limitations
Some of you may be wondering if Raxis can perform a high quality internal penetration test using a device with limited resources. There's absolutely no difference in the results that we get from a remote internal penetration test using Transporter. The reason is due to the configuration that we use. Transporter uses OpenVPN to build a "tap" style tunnel to the Raxis data center in Atlanta. From there, our penetration testers traverse the tunnel to use all of the standard tools that they normally use. This includes advanced tools like Kali Linux, Nexpose, Metasploit Pro/Meterpreter, various python scripts and custom software. Raxis also has the ability to perform broadcast poisoning attacks, such as Responder or smbrelayx, via the Transporter solution.
|System Board||BeagleBone Black rev C|
|Processor||AM3358 ARM Cortex-A8|
|Storage||4GB on-board eMMC|
|Operating System||Debian Linux 7.11|
|Connectivity||100mb Ethernet, uses a single DHCP assigned address|
|VPN Technology||Customized OpenVPN, certificate authentication, encrypted tunnel|
|Network Ports||Requires outbound access via: tcp/443, tcp/80, tcp/22, udp/1194, udp/53
Customized ports also available.
|Security Updates||Raxis performs all security updates remotely via scripts for any online Transporter.
Customers may disable Transporter devices when not in use. If so, patches will not be available until the next time it is connected.