With One Identity Safeguard for Privileged Sessions, you can control, monitor and record privileged sessions of administrators, remote vendors and other high-risk users. Content of the recorded sessions is indexed to simplify searching for events and reporting so you can more easily meet your auditing and compliance requirements. In addition, Safeguard for Privileged Sessions serves as a proxy, and inspects the protocol traffic on the application level and can reject any traffic violating the protocol – thus making it an effective shield against attacks.
In transparent mode, only minimal network changes are required and users do not have to change their workflow or client applications, which makes implementation a breeze. However, workflow can be configured so you can authenticate users, limit access to specific resources, authorize and view active connections, and receive an alert if connections exceed preset time limits. Safeguard can also monitor sessions in real time and execute various actions: if a risky command or application appears, it can send you an alert or immediately terminate the session.
All session activity – down to the keystroke, mouse movement, and windows viewed – is captured, indexed and stored in tamper-proof audit trails that can be viewed like a video and searched like a database. Security teams can search for specific events across sessions and play the recording starting from the exact location the search criteria occurred. Audit trails are encrypted, time-stamped and cryptographically signed for forensics and compliance purposes.
Monitors traffic in real time, and executes various actions if a certain pattern appears in the command line or on screen. Predefined patterns could be a risky command or text in a text-oriented protocol, or a suspicious window title in a graphical connection. In the case of detecting a suspicious user action, Safeguard can log the event, send an alert or immediately terminate the session.
Choose which mode suits your needs.
Since users have no direct access to resources, the enterprise is protected against unauthorized and unfettered access to sensitive data and systems. Safeguard for Privileged Sessions can proxy and record to many target resources, including UNIX/Linux, Windows, network devices, firewalls, routers and more.
Safeguard for Privileged Sessions supports both black listing and white listing of commands and windows titles.
Full support for SSH, Telnet, RDP, HTTP(s), ICA and VNC protocols. In addition, security teams can decide which network services (e.g. file transfer, shell access, etc.) within the protocols they want to enable/disable for administrators.
By acting like a virtual firewall, One Identity Safeguard increases protection of your servers by terminating questionable or malicious accesses nearly instantly. In addition to avoid accidental misconfiguration and other human errors, the solution supports the four-eyes authorization principle under which the monitoring admin can terminate the session at any time.
Use smartcard, 2FA or other strong authentication methods to gain secure access to systems. Because Safeguard acts as a proxy gateway to the system, it enables strong authentication to targets that cannot or do not support those methods natively.
Grant privileged access for a specific period or session with full recording and replay
Effectively managing privileged accounts is critical to security and compliance efforts. Read this paper to learn the risk associated with privileged accounts and solutions that can effectively mitigate those risks.
KuppingerCole provides and overview of Privileged Management and then a review of One Identity Safeguard
Privileged accounts are a necessity in any enterprise IT environment, since they enable administrators to manage the environment. But as news reports constantly remind us, granting privileged access increases the risk of a security breach.
Adobe uses privileged session management to achieve internal and external compliance over privileged account access
View webinar to hear a discussion about risk factors and other situations that make human approval for privileged account access critical.
According to the National Academies Press, “biometrics is the automated recognition of individuals based on their behavioral and biological characteristics.” Read this white paper to learn more about Behavioral Biometrics and its role in security.