• About us
  • Newsroom
  • Careers
  • Become a partner
  • Search
Compute
High-performance, scalable computing resources for your critical workloads. Orchestrate your cloud-native applications with our modern container solutions.
Discover the Calcul offer
Virtual machines
VM Instances
An on-demand, flexible and secure virtual machine solution on a shared infrastructure.
Dedicated servers
OpenSource IaaS
Open source virtualised infrastructure in a trusted SecNumCloud-qualified cloud environment for complete technological sovereignty.
VMWare IaaS
Your VMware virtual machines in a trusted SecNumCloud-qualified and HDS-certified cloud environment.
Bare Metal
Dedicated, fully customisable servers for total autonomy over your sovereign infrastructure.
Containers
Openshift PaaS
The unified platform for creating, modernising and deploying your large-scale applications in a sovereign cloud.
Managed Kubernetes
Managed container orchestration solution offering security, resilience and advanced automation on sovereign infrastructure.
Storage
Adaptable, high-performance storage solutions for all your needs. Optimise your data with our highly available block and object solutions.
Discover our Storage offer
Storage
Block storage
The adaptable block storage solution for optimum storage performance in a sovereign cloud.
Object storage
The scalable, cost-effective storage solution for your unstructured data in a sovereign cloud.
Backup
Backup solutions
Differentiated backup solutions tailored to your challenges and environments
Network
Advanced network solutions to connect and secure your infrastructures. Deploy your private networks automatically and securely.
Discover the Network offer
Network
Virtual Private Cloud
Deploy and manage your private networks 100% automatically and securely.
Private Backbone
Take full control of your network with extended Layer 2 connectivity, designed for hybrid architectures and bespoke configurations.
Firewall
Managed Firewall
Advanced security solutions for complete insulation and enhanced protection
Accommodation Dry
Housing - Dedicated space
Secure hosting for your equipment in a dedicated or shared environment, depending on your needs.
Security
Advanced security solutions to protect your critical infrastructures. Control access and defend against online threats.
Discover the Security offer
Security
Anti DDoS
The shield against online attacks
Bastion host
Transparent, centralised access control for robust protection of your infrastructure
Managed KMS
Sovereign cryptographic key management, with HSM hardware root of trust, to protect your most sensitive data on SecNumCloud infrastructure.
Managed SIEM
A centralised platform for collecting and correlating security logs, combining AI-based automation and advanced detection rules (MITRE ATT&CK).
IA
Artificial intelligence solutions to transform your data into insights and accelerate your business processes.
Discover the IA offer
IA
LLMaaS
Access cutting-edge language models on a sovereign, SecNumCloud-qualified and HDS-certified infrastructure for high-performance, secure AI applications.
GPU
NVIDIA GPU instances to accelerate your artificial intelligence and high-performance computing in a sovereign cloud.
Data
Data solutions to manage, analyse and exploit your critical data.
Discover the Data offer
Databases
Managed MariaDB
A fully managed MariaDB relational database and PITR backup on SecNumCloud sovereign infrastructure.
Managed PostGreSQL
The fully managed relational database solution on SecNumCloud sovereign infrastructure
Big Data
Managed Kafka
The open-source distributed platform for streaming data in real time
Managed File System
A managed, sovereign, high-availability distributed file system, accessible via NFS and SMB on the SecNumCloud infrastructure.
Management & Governance
Coaching and support services to help you with your cloud transformation.
Find out about our support services
Support
Support levels
Discover the 3 levels of support available to help you meet your challenges.
Professional services
From design to optimisation, Cloud Temple is with you every step of the way.
Governance
Console - API - Terraform Provider
A single interface for viewing and managing your products and services
Observability
Infrastructure metrics available in market standards
About us
The company
Who are we?
Management team
Locations
CSR commitments
Sectors
Public sector
Health
Financial sector
Industry
Our approach
Our compliance procedures
Our SecNumCloud approach
Trusted AI
Interoperability & hybridity
Transparency in the processing of health data
Newsroom
The magazine
Events & Webinars
Press releases
In the media
Documentary database
Careers
Working at Cloud Temple
Join us
Become a partner
Software publishers
Managed Services Providers
FR AT FROM IT
Contact
Products > Bastion host
Security

Bastion host

Transparent, centralised access control for robust protection of your infrastructures in a sovereign cloud.

The basics of the Bastion offer

Cloud Temple's Bastion service provides a secure, centralised point of entry for accessing sensitive resources in your cloud infrastructure. This solution offers secure RDP and SSH connectivity to your physical and virtual infrastructures, whether they are located in the trusted cloud, in a public cloud or on-premises. Bastion guarantees full traceability of actions for audit and compliance purposes. Systematic video recording of all sessions will soon be available.

Our compliance procedures

Our Bastion offering is HDS and ISO 27001 certified. This functionality is included in SecNumCloud-qualified and C5-compliant services.

The benefits of Cloud Temple's Bastion offering

Enhanced safety

A single point of entry to protect against attacks. Traceability is also a key feature, as all sessions are recorded and audited.

Centralised access

Unified management from the Cloud Temple console.

Infrastructure as Code management

APIs for complete automation.

Flexible access

Multi-environment support (cloud, on-premise).

The key features of our Bastion

RDP/SSH access
Secure connectivity to equipment

Session recording
H264 video capture of all sessions, securely stored and encoded on an Object Storage Cloud Temple.

*future functionality

50 IPs management
Up to 50 pieces of equipment per appliance

Full API
as Code“ equipment management

of streams
Protection of all communications

Detailed logs
Complete traceability of actions

Technical specifications

Bastion host
Managed equipment 50 IPs per appliance
Protocols RDP, SSH
Encryption Mandatory full feeds
API Full REST
Logs All actions

Need to secure your administration access? Let's talk about your project.

Would you like to implement a single point of entry for your infrastructures, guarantee full traceability of your RDP/SSH sessions or meet SecNumCloud requirements for your privileged accesses?

Our security experts will work with you to define the Bastion architecture best suited to your compliance and performance challenges. Whether you need to manage your internal administrators or control the activities of your service providers, we can help you build a trusted administration framework.

Merci de confirmer que vous n’êtes pas un robot
I consent to Cloud Temple storing and processing the personal information submitted above in order to respond accurately to my request. * mandatory fields

Pricing

Infrastructure work units - BASTION Unit Unit price € excl. tax/month Commitment
BASTION - Cloud Temple Appliance Bastion SSH & RDP - Recording H264 - 50 IPs 1 appliances 276,00 € 1 month

Use cases

Cloud Temple's sovereign Bastion product for remote access management

Remote management

The Bastion security solution acts as a secure gateway to your infrastructures, via a single reinforced access point. You can manage access authorisations and limit entry points to your systems, reducing the risk of intrusion.

Cloud Temple's sovereign Bastion product to protect against cyber attacks

Protection against cyber-attacks

By using bastion, you create an extra layer of defence to protect your sensitive data from cyber-attacks. No public IP address is required: using bastion allows you to open a more secure RDP/SSH connection using a private IP address.

Cloud Temple's sovereign Bastion product for creating external access

Creating external access to your organisation

You can offer temporary, controlled access to your suppliers and partners while continuously monitoring security, directly from the CMP Cloud Temple. Log generation provides full traceability for audit and compliance purposes.

Frequently asked questions

The perfect balance between maximum safety and operational simplicity. 

Unlike a simple SSH gateway or traditional VPN, Bastion Cloud Temple offers a layer of total isolation. It prevents any direct exposure of your servers to the Internet. Above all, it guarantees unalterable traceability: every action is logged and, in the near future, every session will be recorded on video (H264). This is an essential prerequisite for meeting the requirements of SecNumCloud qualification and the strictest compliance audits.

As soon as you manage sensitive infrastructures or third-party access. 

The Bastion is essential in three key scenarios:

  • Internal administration : For your deployment teams (DevOps, SysAdmin) accessing critical resources.
  • Maintenance provider : Open up temporary, controlled access to external partners without compromising your network.
  • Regulatory compliance : For the healthcare (HDS), finance or public sector sectors requiring a complete history of administration interventions.

A sovereign, managed solution with no exit costs. 

The Bastion Cloud Temple is natively integrated into the Cloud Temple management console, while remaining a dedicated resource in your environment (strict logical isolation). Unlike global public cloud solutions, we guarantee data residency in France and total price transparency: the price is a flat rate per appliance, including API and logging functionalities, with no hidden charges on the volume of data passing through the gateway.

Self-service provisioning, ready in just a few minutes. 

Deployment is fully automated via the Cloud Temple console or by API (Infrastructure as Code approach). Once the appliance has been instantiated, all you have to do is configure your network rules (opening flows to your target IPs). The intuitive interface lets you add your RDP or SSH devices straight away. Only the opening of flows on your firewalls remains in your hands to ensure that you retain ultimate control over what is accessible.

Systematic capture stored securely. 

The recording of sessions will be non-rewritable to guarantee the integrity of the audit. Video streams will be encoded in real time in H264 and automatically transferred to your own Object Storage Cloud Temple (S3) bucket. This ensures that you retain ownership of your audit evidence, with the ability to define your own data retention policies.

Can't find the answer to your question?
Contact our teams
Contact us
To find out more
Technical documentation Contact us
Cookie policy

We use cookies to give you the best possible experience on our site, but we do not collect any personal data.

Audience measurement services, which are necessary for the operation and improvement of our site, do not allow you to be identified personally. However, you have the option of objecting to their use.

For more information, see our privacy policy.

Authorise Refuse