PAM
Privileged Access Management (PAM): WALLIX
Click to explore the offer:
What is Wallix Bastion?
How do you ensure security in a company where many employees, as well as outsiders, have administrator privileges and therefore access to valuable IT resources? The answer is brought to you by WALLIX, a solution for managing privileged user accounts.
Privileged user accounts are used by people who locally or remotely have access to resources, maintain systems, can make changes and update data. Administrators' broad privileges allow them to efficiently and independently manage the IT network, but on the other hand, they can become a threat to the company if they are out of control. The Wallix Bastion solution enables IT departments to protect critical resources that are accessed remotely by managing privileged accounts and controlling and managing this remote access.
The Wallix Bastion solution also provides auditability of administrators' sessions, offering the ability to view privileged sessions for auditing purposes (hard evidence available in the form of videos and logs of every command executed during a remote session), troubleshooting or identifying possible causes of malicious events. The product has a real-time alert system that alerts users to violations of established corporate security policies.
Privileged user accounts are used by people who locally or remotely have access to resources, maintain systems, can make changes and update data. Administrators' broad privileges allow them to efficiently and independently manage the IT network, but on the other hand, they can become a threat to the company if they are out of control. The Wallix Bastion solution enables IT departments to protect critical resources that are accessed remotely by managing privileged accounts and controlling and managing this remote access.
The Wallix Bastion solution also provides auditability of administrators' sessions, offering the ability to view privileged sessions for auditing purposes (hard evidence available in the form of videos and logs of every command executed during a remote session), troubleshooting or identifying possible causes of malicious events. The product has a real-time alert system that alerts users to violations of established corporate security policies.
Wallix Bastion modules
It consists of the following five main functional modules:
Session Manager
A module for controlling and allocating privileged access, while protecting resource passwords, enabling collaboration and providing viewing and recording of privileged sessions, secured by WALLIX's unique patented mechanism.
Access Manager
Web-based administration console to supervise and audit all activities of administrators and recorded by Session Manager. This console avoids the deployment of VPNs and allows the aggregation of data recorded by multiple Bastion instances for 'large' infrastructures.
AAPM
A local agent for workstations or servers that synchronises with Bastion to automatically provide login data to processes, programs and scripts. AAPM eliminates local encrypted passwords and enables secure DevOps provisioning operations.
Password Manager
A module for the implementation of a password rotation policy that regulates administrators' access to IT resources (which makes it possible to strengthen the security of the system with regard to modification and manipulation of passwords and prevents the risk of password leaks).
PEDM
An agent-based solution that allows IT to control local administrative operations and block the launch of specific processes that are not necessary for their tasks.
Features Wallix Bastion
Main features and functions of Wallix Bastion
Easy and quick implementation - integration with Microsoft Active Directory/LDAP/MFA.
No software installation is required on monitored systems.
It uses authentication protocols such as LDAP, Microsoft Active Directory, Radius, TACACS+, Kerberos, X.509, OTP, Web SSO.
Ability to define the users, systems and applications to which you want to grant access and which you want to protect or monitor.
Define password rotation rules for privileged accounts.
Managing user access to selected areas of the organisation.
Collection and management of passwords and SSH keys using a secure password vault.
Possibility of HA clustering in active/active or active/passive mode.
Receive notifications of each administrative session that has started.
Real-time monitoring of the external company's work.
Ability to terminate a remote session at any time.
The ability to record sessions in both text and video form, as well as recording event logs for audit purposes.
Protection of credentials for privileged accounts (e.g. root, local admin, dba, etc.).
Ability to elevate user rights and manage delegation.
Ability to define automatic rules, e.g. identifying and responding to suspicious user behaviour or interrupting sessions where prohibited commands have been used.
Support for multiple platforms including VMware, Microsoft Hyper-V, Microsoft Azure, Amazon Web Services or installation on a powerful WALLIX hardware platform.
Why Wallix Bastion
Why use the Wallix Bastion solution?
With Wallix Bastion you gain:
a record of the work of local administrators to reconstruct the path of action in the event of an emergency or to serve as an example of a good solution to a problem,
authentication of external operators on the system without the need for a target system password,
recording remote sessions of external consultants or developers,
archiving the working time and logging history of internal and external employees,
fast and efficient installation, requiring no installation of agents.
