A network–based virtual appliance that monitors, controls and audits encrypted administrator sessions, third-party access and file transfers. Requires no changes to the environment, no agents to install and no access portal to go through. Often an extension of the firewall that is fast to implement and has no impact on end-user experience or workflows. Integrates readily with data loss prevention (DLP), intrusion detection (IPS), anti–virus (AV) and SIEM solutions and allows real-time incident detection and response to threats within encrypted sessions. Preserves end–to–end security, while decrypting and securely storing session traffic. Makes identity access possible for on-premise or cloud environments.