Privileged Session Management Suite
Features & Benefits
Cyber-Ark's PSM offers you a robust set of capabilities including:
- Isolate & protect critical servers: PSM's proxy architecture directs all session connections to target devices via the PSM server to initiate the privileged session. As a result, planting malware from administrator endpoints becomes very challenging.
- Live Monitoring and Recording of Privileged Session Activities: Connect to live privileged sessions to monitor what is happening in real-time and intervene with the session or terminate if necessary. For forensic analysis and auditing proof, PSM records any activity that occurs in a privileged session on any target device, personal account or non-managed privileged account, creating a highly compressed and searchable video recording or text based recording. All recordings are stored in the tamper-proof Digital Vault and can be accessed for audit proof and change management review.
Live monitoring with the ability to interact or terminate the session when suspicious activity is detected
Click to enlarge - Quicker Search & Analysis: Easily search for privileged commands within recordings and click to play from 'point in time'
- Privileged Single Sign-On: log on to the Privileged Session Management portal using 2-factor authentication without the need to deploy a complex SSO solution. Direct connection to the target server is established without disclosing the privileged credential to the end user.
- Secure Remote Access: PSM allows browser based access to managed devices. The network traffic is sent over the HTTPS protocol which enables remote and cross-network access without the need to open the corporate firewall to native protocols such as SSH and RDP. This replaces a jump server scenario with the added benefit of continuous monitoring and session control in one solution
- 3rd party vendor access: With PSM, you can limit, secure, control and monitor 3rd party vendor access to critical corporate network resources and avoid divulging privileged credentials when connecting to your target systems.
Third party remote vendor access.
Click to enlarge - Offers a native solution for SSH and Telnet protocols e.g. in Unix, network and SCADA environments: no trade-off between end user ease of use and need for security controls when deploying to these environments. SSH keystrokes can be monitored in real-time and session can be searched by keystroke commands.
- Privileged access control to sensitive web applications: Extend privileged access control to sensitive web applications such as Salesforce, the Corporate Facebook account or any web-based ERP/CRM application.
- Distributed and Highly Scalable Architecture: allows for easy installation and location of multiple PSM servers on different network segments in a single product instance with centralized audit, control and user management.
- Web Interface for Users and Auditors: offers flexible access control mechanisms and a personalized view of managed devices
- Enterprise Readiness: Easily integrates with enterprise infrastructure and best-of-breed products e.g. ticketing systems, SIEM, enterprise directories etc.
- Policy based enforcement: PSM session recording can be configured as part of the central enterprise security policy together with privileged credential management.
- Centralized Audit View: Sharing the same infrastructure and interface, managers and auditors gain a single and correlated view into privileged credential management and activity in the organization. Starting from who retrieved a privileged account and initiated the session and when, ending with a complete trace of all activities performed in the session.
- Faster deployment with no performance overhead: The PSM solution can be transparently deployed without the need to install any agents or change the network architecture.
- Acts as a jump server environment with the added benefit of controlling and monitoring sessions
