Privileged Session Manager helps to secure the access, control configurations, monitors in real-time and indisputably records all activities in a datacenter or network infrastructure.
Ensure access to critical systems are only for legitimate business purposes. Privileged Session Manager (PSM) runs as a gateway between users and the target end points that enables controlling, monitoring and auditing encrypted administrator sessions.
Tracks and records all privileged sessions and configuration changes. Provides VCR-like replays of privileged sessions including IT and Network admin users. All commands, either failed or successful, are logged. Indisputable logging of which user attempted to run which command on which device and when.
Reduces risks by restricting authorizations assigned to business units and departments by granting access only to the systems that they are in charge of. “Separation of duties” and “least privilege” practices are achieved, regardless of the role/profile capabilities of the Target Device. Any custom policies (allowed command sets, blocked command sets) can be defined and applied to any user group, ensuring that only the “required set of commands” can be executed by a user in order to fulfill his tasks, restricting standard user accounts from having over-privileged access.
When a user is connected to a device, a supervisor can monitor the session in real-time and can also take/release the control of the session. This is particularly useful when real time monitoring is required for emergency accounts or to monitor someone who is in training.
Single Connect Session Manager enables user to connect enterprise applications without knowing application username/password.
Helps to eliminate password sharing and shared account usage. Users always log in with their own username/password, even if a shared account is used to connect to the device. For example, I connect to Single Connect with username=Frank and then select a device to connect. Single Connect Session Manager establishes a session towards the target device, but may be using username=admin. As a user, I never see/know the real username/password used to connect to the target device, all I know is my own username/password.
Enables the definition of time-based access limitations, based on time of day, day of the week, maintenance window hours, etc.
Detects and prevents malicious attacks before they occur.
Users continue to use applications on their computers as they are used to.
Provides logs and reports required for audits and compliance with regulations.