Control access – Authorized users can request a session on specific resources or through specific administrative accounts using a secure Web browser connection. Each user can view only the specific resources he or she is authorized to request access to. You can configure the connection for authorization workflow to further enhance control and achieve compliance.
Proxy access – Privileged Session Manager proxies all sessions to target resources. Since users have no direct access to resources, the enterprise is protected against any viruses, malware or other dangerous items that may exist on the user’s system. Privileged Session Manager can proxy and record Unix/Linux, Windows, AS/400, Web applications, network devices, firewalls, routers and more.
Command control – You can allow only specific commands to be executed during a session based on either the user accessing the system or the system they are accessing. In addition, you can restrict the commands a user may run during a session; if the user attempts to execute a prohibited command, you can choose to automatically notify a specific individual, kill the command, kill the login or kill the whole session.
Full session audit, recording and replay – All session activity – every action that takes place on the screen, including mouse movements and clicks as well as typed characters – is recorded and available for forensics and compliance review using DVR-like controls. Only actual activity is recorded, and recordings are compressed to minimize offline storage requirements, to a fraction of the size required by other session-recording solutions.
EZ Replay – Administrators can search for specific events across sessions, and while viewing a session, they can add bookmarks to easily come back to a specific point in that session at a later date.
Secure appliance – The hardened appliance does not have a console port or console level interface and can only be accessed via a secure, role-based Web interface. This provides protection from host admin attacks, as well as OS, database or other system-level modifications. The appliance also includes an internal firewall that protects against external network-based attacks and provides additional auditing capabilities.
Simple workflow – Authorized users simply select the resource or account they need to connect to; the list each user sees shows only the items to which the user is approved to request access. The requestor specifies the expected duration of the session, the reason for the request, and, if required, a ticket number that can be integrated with an existing ticketing system.
Auto-login – When combined with Privileged Password Manager, Privileged Session Manager access can be configured for automatic login. Auto-login enhances security and compliance by never exposing the account credential to the user.