Privileged Account Management

Controlling & Auditing Superuser Access

Dell One Identity helps you control and audit administrative access with privileged credentials through granular delegation and command control, keystroke logging and session audit, policy-based control, and secure and automated workflows. This approach enhances security and compliance while improving the efficiency of administering superuser access. Administrators are granted only the rights they need—nothing more, nothing less—and all activity is tracked and audited.

  • Enhance security by granting administrators only the access rights required for their jobs—nothing more, nothing less—and basing those rights on established and intelligently controlled policy. In addition, when full credentials must be used, secure the process of requesting, approving and issuing access to those accounts, including the critical application-to-application (A2A) and application-to-database (A2D) passwords that pose the greatest security risk.
  • Achieve compliance through access control and separation of duties for privileged access that you can track through comprehensive audit capabilities that include policy, rights and activities performed through privileged access—even down to the keystroke level on many critical systems.
  • Improve efficiency through granular, policy-driven delegation of elevated access privileges and execution of specific commands across a wide range of systems and platforms, with centralized management and comprehensive audit. Through automated workflows, your administrators gain sufficient rights to do their jobs eliminating the need for manual credential management. In addition, Dell One Identity adds significant value to sudo by centralizing management of sudo policy and providing visibility into sudo-related activities.


Already know which product will simplify your work? Review this list to find it – and browse related products.

Review the capability categories below to find a solution for your specific IT challenges.

Browse the technology platform categories below to find solutions for your unique IT challenges.

Managing Privileged Accounts Across the Enterprise

Dell One Identity eliminates the “keys to the kingdom” problem across your enterprise. Administrators are granted only the rights they need—nothing more, nothing less—and all activity is tracked and audited.

Privilege Safe

Automate and secure the request, approval, issuance, return and automatic changing of administrative credentials across the entire diverse enterprise with a comprehensive audit trail of the process. Delivered via a secure, hardened appliance, the One Identity solution also overcomes the security concerns of passwords hard-coded into scripts as applications communicate with other applications or databases.

Granular Delegation & Command Control

Improve security and achieve compliance by implementing agent-based granular delegation of administrative access on Unix and Linux systems, as well as Active Directory and virtual desktops. One Identity also provides proxy-based command control for multiple operating systems, including Windows, Unix, Linux and Mac, as well as a variety of devices. The One Identity approach enables organizations to provide only the appropriate amount of access required for administrators to do their jobs across the widest range of systems and applications.

Indelible Audit Trails

Gain comprehensive audit of activities performed with elevated privileges across a variety of systems. Capabilities include keystroke logging for delegated root access, including through Sudo, proxy-based session audit of activities on Windows, Unix, Linux, Mac, Web applications, databases, mainframes and devices, and complete tracking of policy and activities associated with the privilege safe.

  • ActiveRoles Server

    ActiveRoles Server provides out-of-the-box user and group account management, strictly enforced administrator-based role security, day-to-day identity administration and built-in auditing and reporting for Windows-centric environments.

  • Privileged Access Suite for Unix

Policy-based Authorization

Base elevated access on strong policy and group membership within Active Directory—including support for Unix and Linux—and on dedicated, platform-specific policies within the delegation tools themselves. This strategy eliminates ad-hoc, box-by-box authorizations across the entire population of non-Windows systems.

  • Defender
    Quest Defender uses the scalability and security of Active Directory for identity storage and management, enabling administrators to use their existing skill set to manage two-factor authentication and eliminating the costs and time involved in setting up and maintaining proprietary databases.

Multifactor Authentication

Strengthen administrative access security with multifactor authentication for pre-determined actions, roles or systems. One Identity integrates its multifactor authentication solutions with Active Directory (and AD-based role management solutions), non-Windows systems and platform-specific privileged account delegation tools.

Privileged Governance

Take the hassle out of governing privileged users with an automated process for certifying and approving that only users that need access can request and gain privileged access. Integrate Dell’s solutions for identity governance and privileged management to close security gaps, unify identity management and streamline governance. From a single console, request, obtain, and attest to access, based on pre-defined policies that incorporate risk-assessment and segregation of duties — all with business workflows.

  • Privilege Manager for Sudo
    The Privilege Manager for Sudo plug-ins enhance sudo 1.8.1 (and newer) with a central policy server, centralized management of sudo and the sudoers policy file, centralized reporting on sudoers access rights and activities, as well as keystroke logging of activities performed through sudo.

Centralized Sudo Administration

Streamline administration and easily provide access control reporting for sudo. The One Identity solution enhances sudo 1.8.1 (and newer) with a central policy server, centralized management of sudo and the sudoers policy file, centralized reporting on sudoers access rights and activities, as well as keystroke logging of activities performed through sudo.

Privileged Account Management for Heterogeneous Environments

Centralize management of administrative accounts for mixed platforms, including Unix, Linux and Mac. Dell One Identity enables you to leverage the built-in, role-based authorization capabilities of Active Directory for non-Windows systems.

Active Directory

Achieve flexible, granular access controls for Active Directory with role-based delegation, command control and session audit to ensure that all administrative actions are consistent with your organization's security standards. Business rules can be created to trigger approvals or constraints on role-based controls. In addition, password vault functionality can secure and control use of full administrative credentials.

Windows

Achieve flexible, granular access controls for the Windows administrator account through password vault functionality, session audit and command control.

Unix & Linux

Solve the inherent security and administration shortcomings in Unix-based systems by unifying and consolidating identities across the entire environment. Assign individual accountability and least privilege to root activity. Plus, provide centralized reporting through a single console for all Unix-based access. And do all of this without breaking the budget.

Enterprise Applications

Control superuser access on enterprise applications through a controlled and automated password vault that uses consistent policy to enforce proper request, approval, issuance, logging, return and changing of administrative credentials. This capability includes the application-to-application (A2A) and application-to-database (A2D) passwords that are typically hard-coded into scripts, eliminating a major security and compliance hole.

Other Applications

Control superuser access on applications through a controlled and automated password vault that uses consistent policy to enforce proper request, approval, issuance, logging, return and changing of administrative credentials. This capability includes the application-to-application (A2A) and application-to-database (A2D) passwords that are typically hard-coded into scripts, eliminating a major security and compliance hole.

Web Applications

Control superuser access on Web applications through a controlled and automated password vault that uses consistent policy to enforce proper request, approval, issuance, logging, return and changing of administrative credentials. This capability includes the application-to-application (A2A) and application-to-database (A2D) passwords that are typically hard-coded into scripts, eliminating a major security and compliance hole. In addition, One Identity provides the ability to perform session audit on administrative access to Web-based applications.

Mainframes

Control superuser access on RACF-based systems through a controlled and automated password vault that uses consistent policy to enforce proper request, approval, issuance, logging, return and changing of administrative credentials. In addition, One Identity provides the ability to perform session audit on administrative access to mainframes.

Databases

Control superuser access on SQL systems through a controlled and automated password vault that uses consistent policy to enforce proper request, approval, issuance, logging, return and changing of administrative credentials. In addition, One Identity provides the ability to perform session audit on administrative access to SQL.

Devices

Control superuser access on devices (for example routers) through a controlled and automated password vault that uses consistent policy to enforce proper request, approval, issuance, logging, return and changing of administrative credentials. In addition, One Identity provides the ability to perform session audit on administrative access to those same devices.

Get the most from your investment with help from our highly rated support team, training programs, and implementation services.