EpochProxy vs Bastion Hosts: A Better Alternative
Bastion hosts were the standard for secure server access, but they come with significant drawbacks: exposed ports, SSH key management, single points of failure, and constant maintenance. EpochProxy provides the same access with none of the headaches.
The problem with bastion hosts
Bastion hosts solved the problem of exposing every server, but they created new problems.
Exposed Attack Surface
Port 22 must be open to the internet (or VPN). Every exposed port is a potential entry point for attackers, and SSH is a frequent target.
SSH Key Sprawl
Managing SSH keys across users and servers becomes a nightmare. Keys get shared, rarely rotated, and are difficult to revoke when people leave.
Single Point of Failure
If your bastion host goes down, everyone loses access. Setting up HA bastion hosts adds complexity and cost.
Maintenance Overhead
Bastion hosts need patching, monitoring, and security hardening. They're another piece of infrastructure to manage.
Limited Audit Trails
Native SSH logging is basic. Getting detailed session recordings and user-attributed logs requires additional tooling.
Coarse Access Control
Access is typically all-or-nothing. Fine-grained permissions require complex sudo configurations or additional tooling.
EpochProxy vs Bastion Hosts: Feature Comparison
See how EpochProxy addresses the limitations of traditional bastion hosts.
| Feature | EpochProxy | Bastion Host |
|---|---|---|
| Zero inbound ports required | | |
| No single point of failure | | |
| No SSH key management | | |
| Built-in audit logging | | |
| Session recordings | | |
| Role-based access control | | |
| Web-based terminal | | |
| Works behind NAT/firewalls | | |
| Automatic agent updates | | |
| Multi-cloud support | | |
| Self-hosted option | | |
| No infrastructure to maintain | | |
How EpochProxy replaces your bastion host
Install lightweight agent
A ~5MB agent runs on each server. No bastion host needed.
Agents connect outbound
Agents initiate WebSocket connections to the relay. No inbound ports.
Users authenticate centrally
No SSH keys. Users log in via web, CLI, or SSO.
Sessions are logged
Every connection is attributed to a user with full audit trail.
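The four steps above, and the FAQ's description of agents dialling out to a relay, can be seen end to end in a small simulation. This is a constructed example written for this page, not EpochProxy's code or protocol: the line protocol (`AGENT`, `CONNECT`, `REGISTERED`), the `POLICY` table, the agent and user names and `fake_shell` are all made up. It shows the property behind "zero inbound ports" (the relay is the only process that ever listens; the protected host only connects out), a central allow-list consulted on every connection, and an audit record per attempt. User identity is taken on trust here; a real relay would authenticate through SSO or a similar identity provider before consulting policy.

```python
"""Constructed illustration of the outbound-agent relay pattern (not EpochProxy code).

Made-up line protocol for this example:
  agent -> relay : "AGENT <agent_id>\n"          (relay answers "REGISTERED\n")
  user  -> relay : "CONNECT <user> <agent_id>\n" (relay answers "OK\n" or "ERR ...\n")
After a successful CONNECT the relay forwards lines both ways and keeps an
audit record for every attempt, allowed or denied.
"""
import socket
import threading
import time

HOST = "127.0.0.1"

# Central policy: which users may reach which agents (constructed sample data).
POLICY = {"alice": {"db-01"}}


def pump(src, dst):
    """Copy bytes from src to dst until either side goes away."""
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass


class Relay:
    """The only component that listens for inbound connections."""

    def __init__(self):
        self.sock = socket.socket()
        self.sock.bind((HOST, 0))  # ephemeral port so the demo runs anywhere
        self.sock.listen()
        self.port = self.sock.getsockname()[1]
        self.agents = {}  # agent_id -> socket the agent dialled out with
        self.audit = []   # one record per CONNECT attempt
        self.lock = threading.Lock()
        threading.Thread(target=self._accept, daemon=True).start()

    def _accept(self):
        while True:
            conn, _ = self.sock.accept()
            threading.Thread(target=self._handle, args=(conn,), daemon=True).start()

    def _handle(self, conn):
        parts = conn.makefile("rb").readline().decode().split()
        if len(parts) == 2 and parts[0] == "AGENT":
            with self.lock:
                self.agents[parts[1]] = conn  # reachable now, with no port open on the host
            conn.sendall(b"REGISTERED\n")
            return
        if len(parts) == 3 and parts[0] == "CONNECT":
            user, agent_id = parts[1], parts[2]
            with self.lock:
                agent = self.agents.get(agent_id)
            if agent_id not in POLICY.get(user, set()):
                result = "denied: policy"
            elif agent is None:
                result = "denied: agent offline"
            else:
                result = "allowed"
            self.audit.append({"user": user, "agent": agent_id, "ts": time.time(), "result": result})
            if result != "allowed":
                conn.sendall(f"ERR {result}\n".encode())
                conn.close()
                return
            conn.sendall(b"OK\n")
            # One session per agent link in this toy; a real relay would multiplex.
            threading.Thread(target=pump, args=(conn, agent), daemon=True).start()
            threading.Thread(target=pump, args=(agent, conn), daemon=True).start()
            return
        conn.close()


class Agent:
    """Runs on the protected host and only ever dials out."""

    def __init__(self, relay_port, agent_id, handler):
        self.handler = handler
        self.sock = socket.create_connection((HOST, relay_port))  # outbound only
        self.reader = self.sock.makefile("rb")
        self.sock.sendall(f"AGENT {agent_id}\n".encode())
        if self.reader.readline() != b"REGISTERED\n":
            raise RuntimeError("relay refused registration")
        threading.Thread(target=self._serve, daemon=True).start()

    def _serve(self):
        for line in self.reader:  # each line is a command relayed from a user
            reply = self.handler(line.decode().rstrip("\n"))
            self.sock.sendall(reply.encode() + b"\n")


def fake_shell(cmd):
    """Stand-in for the local shell the real agent would drive (constructed)."""
    return {"hostname": "db-01.internal", "whoami": "svc-deploy"}.get(cmd, f"unknown: {cmd}")


def user_session(relay_port, user, agent_id, command):
    """User side: identify to the relay (a real one authenticates), send one command."""
    sock = socket.create_connection((HOST, relay_port))
    reader = sock.makefile("rb")
    sock.sendall(f"CONNECT {user} {agent_id}\n".encode())
    status = reader.readline().decode().rstrip("\n")
    if status != "OK":
        sock.close()
        return status
    sock.sendall(command.encode() + b"\n")
    reply = reader.readline().decode().rstrip("\n")
    sock.close()
    return reply


def demo():
    relay = Relay()
    Agent(relay.port, "db-01", fake_shell)
    allowed = user_session(relay.port, "alice", "db-01", "hostname")
    denied = user_session(relay.port, "mallory", "db-01", "hostname")
    return allowed, denied, relay.audit


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows alice's command answered by the agent through the relay, mallory refused by policy before any bytes reach the host, and an audit list attributing both attempts to a named user, which is the shape of the trail the page describes. Nothing in `Agent` ever calls `bind` or `listen`, so the protected host has no inbound port for a scanner to find.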
```
Internet ──► [Port 22] ──► Bastion ──► Private Servers
             ⚠️ Exposed     ⚠️ SPOF

Private Servers ──► [Outbound] ──► EpochProxy Relay
✓ No exposed ports
✓ No single point of failure
✓ Full audit logging
```
Frequently asked questions
Common questions about replacing bastion hosts with EpochProxy.
What is a bastion host and why is it a security risk?
A bastion host (or jump server) is a hardened server that acts as a gateway to access private servers. While it centralizes access, it requires an exposed SSH port (typically 22), making it a target for attacks. It's also a single point of failure—if compromised or unavailable, access to your entire infrastructure is affected.
How does EpochProxy eliminate the need for bastion hosts?
EpochProxy agents connect outbound to a relay server, eliminating the need for any inbound ports. Users authenticate through the EpochProxy API, and sessions are routed through the relay to the target server. This removes the attack surface that bastion hosts create while providing better audit trails and access control.
Can EpochProxy handle the same traffic patterns as a bastion host?
Yes. EpochProxy supports interactive terminal sessions, file transfers, and command execution—everything you'd do through a bastion host. The key difference is that connections are initiated from the inside out, not from the outside in.
What about SSH key management?
EpochProxy eliminates the need for SSH key management entirely. Users authenticate through the EpochProxy platform using email/password, SSO, or AWS IAM credentials. The agent handles the connection to the target server without requiring individual SSH keys.
How does EpochProxy handle high availability?
Unlike a single bastion host, EpochProxy's architecture naturally supports high availability. Multiple agents can be deployed, and the relay infrastructure can be scaled horizontally. There's no single point of failure that could lock you out of your servers.
Is EpochProxy more secure than a well-configured bastion host?
Yes, for several reasons: no exposed ports means no inbound attack surface, there are no SSH keys to steal or rotate, all sessions are logged with user identity, and access is controlled through a centralized policy engine rather than distributed OS-level permissions.
Ready to ditch your bastion hosts?
Start with our free tier and see how EpochProxy simplifies your infrastructure access.