Hi Ashraf,

The tunnel is just a small part of it. It makes sure the resources in a private network can be made available. But in addition, we also provide flexible Policies that allow you to define who has access, when and from where. The "who" is determined using OpenID log-in services, such as "login with" Google and Github

You, then, can get a report of who accessed the services, when, and from where (session logs). You can kill these sessions if you'd like.

Finally, you can also record and replay (like a movie) the sessions.

We can do the above for HTTP apps, SSH , Databases and any generic TCP service.

See this for some more examples https://docs.border0.com/docs/securing-access-to-an-ssh-server

Automating all of it is easy, using our open APIs https://api.border0.com/swagger/latest/index.html