Control access to privileged accounts
Privileged Session Manager permits users to view only resources for which they are authorized. They connect through a secure web browser to request a session for specific resources or administrative account.
Because Privileged Session Manager proxies all sessions to target resources (no direct user access to resources), it protects your enterprise against viruses, malware or other dangerous items that may exist on an end-user’s system. Featuring broad platform and device compatibility, it proxies and records UNIX/Linux, AS/400, Windows, Web applications, firewalls, routers, network devices and more.
Restrict specific commands during a session based on the user and/or the system. If the user attempts to execute a prohibited command, you can configure it to alert a specific individual, kill the command, kill the login or terminate the session.
Full session audit, recording and replay
All session activity – every action that takes place on the screen, including mouse movements, clicks and keystrokes is recorded. DVR-like controls enable you to replay all recorded session activity and use this data for session/user analytics, forensics or compliance review. Recorded files are compressed, thus minimizing storage requirements.
Easily search for specific events across sessions or and add bookmarks to return to a specific point in that session at any time.
Your organization’s most critical resources are protected because the appliance does not have a console port or a console lever interface and accounts and passwords can only be accessed via a secure, role-based web interface. This protects it from host-admin attacks and unauthorized modifications to database, OS or other system-level modifications. It also features an internal firewall that protects against external network-based attacks and delivers additional auditing capabilities.
Authorized users can connect to specific resources or accounts by selecting from a filtered list that displays only items for which they are authorized to request. The user enters the reason for the request, how long they expect to need access and, if required, a ticket number that can be integrated with your existing ticketing system.
Privileged Session Manager can be combined with Privileged Password Manager, enabling you to configure access for automatic login, which enhances security and compliance by not exposing account credentials to users.
Automated processes eliminates much of the hassle of governing privileged users. You can easily certify and approve that only the users that should have access can request and gain privileged access. By integrating Identity Manager with Privileged Session Manager, users can request, provision and attest to privileged and general user access within the same console.
Effectively managing privileged accounts is critical to security and compliance efforts. Read this paper to learn the risk associated with privileged accounts and solutions that can effectively mitigate those risks.
This paper explains why all remote access should not be treated equally. By neglecting to treat remote vendor access (RVA) differently from traditional remote access for employees, organizations can introduce security risks.
Privileged accounts are a necessity in any enterprise IT environment, since they enable administrators to manage the environment. But as news reports constantly remind us, granting privileged access increases the risk of a security breach.
This document describes the security architecture of the The Privileged Account Appliance used with Privileged Password Manager and Privilleged Session Manager
Read this insightful overview of IAM-project strategy from KuppingerCole and One Identity to hear from organizations that have made the journey to IAM success and learn their recommendations for preparing the way and executing your IAM project.
Take a look at the eye-opening findings about privileged account management (PAM) practices in One Identity’s global survey of IT security professionals.