Privileged Session Manager

Monitor and control all privileged sessions on critical systems with Kron PAM's Privileged Session Manager.

Download Datasheet Request a Demo

Real-Time Access Security

The Privileged Session Manager helps to secure access, controls configurations, monitors in real-time and indisputably records all activities in a datacenter or network infrastructure.

Real-Time Access Security
Take Control

Ensure access to critical systems is only for legitimate business purposes. The Privileged Session Manager (PSM) runs as a gateway between users and the target end points, enabling the control, monitoring and auditing of encrypted administrator sessions.

Full Visibility

Tracks and records all privileged sessions and configuration changes. Provides VCR-like replays of privileged sessions including IT and Network admin users. All commands, either failed or successful, are logged. Indisputable logging of which user attempted to run which command on which device and when.

Segregation of Duties & Least Privilege Principles

Reduces risks by restricting authorizations assigned to business units and departments by granting access only to the systems that they oversee. “Separation of duties” and “least privilege” practices are achieved, regardless of the role/profile capabilities of the target device. Any custom policies (allowed command sets, blocked command sets) can be defined and applied to any user group, ensuring that only the “required set of commands” can be executed by a user in order to fulfill his/her tasks, restricting standard user accounts from having over-privileged access.

Dual control (referred to as “four eyes” or “second eye”)

When a user is connected to a device, a supervisor can monitor the session in real-time and can also take/release the control of the session. This is particularly useful when real- time monitoring is required for emergency accounts or to monitor someone who is in training.

Auto-login to Applications

The Kron PAM Privileged Session Manager enables users to connect to enterprise applications without knowing the application’s username/password.

Eliminate Password Sharing

Helps to eliminate password sharing and shared account usage. Users always log in with their own username/password, even if a shared account is used to connect to the device. For example, I connect to Kron PAM with username=Frank and then select a device to connect. The Kron PAM Privileged Session Manager establishes a session towards the target device, but may be using username=admin. As a user, I never see/know the real username/password used to connect to the target device, all I know is my own username/password.

Time-based Access Limitations

Enables the definition of time-based access limitations, based on time of day, day of the week, maintenance window hours, etc.

Always Be Prepared for Attacks

Detects and prevents malicious attacks before they occur.

Control Access without Any Change of User Behavior

Users continue to use the same applications they are used to on their computers.

Fully Comply with Regulations

Provides logs and reports required for audits and compliance with regulations.