For VendorsBlog
Login
One Identity Safeguard for Privileged Sessions

Add to comparison

One Identity Safeguard for Privileged Sessions

1
Pitch
One Identity Safeguard for Privileged Sessions - controlling, monitoring and recording privileged access.

Features of product

Проблемы Problem Solving
  • Risk of attacks by hackers
  • Risk of data loss or damage
  • Risk of lost access to data and IT systems
  • Risk or Leaks of confidential information
  • Unauthorized access to corporate IT systems and data
Ценности Business Values
  • Ensure Security and Business Continuity
  • Reduce Costs
Матрица сравнения с конкурентами Matrix of comparison with competitors
Описание

About Product

With One Identity Safeguard for Privileged Sessions, you can control, monitor and record privileged sessions of administrators, remote vendors and other high-risk users. Content of the recorded sessions is indexed to simplify searching for events and reporting so you can more easily meet your auditing and compliance requirements. In addition, Safeguard for Privileged Sessions serves as a proxy, and inspects the protocol traffic on the application level and can reject any traffic violating the protocol – thus making it an effective shield against attacks.

In transparent mode, only minimal network changes are required and users do not have to change their workflow or client applications, which makes implementation a breeze. However, a workflow can be configured so you can authenticate users, limit access to specific resources, authorize and view active connections, and receive an alert if connections exceed preset time limits. Safeguard can also monitor sessions in real time and execute various actions: if a risky command or application appears, it can send you an alert or immediately terminate the session.

Features:

Full session audit, recording and replay

All session activity – down to the keystroke, mouse movement, and windows viewed – is captured, indexed and stored in tamper-proof audit trails that can be viewed like a video and searched like a database. Security teams can search for specific events across sessions and play the recording starting from the exact location the search criteria occurred. Audit trails are encrypted, time-stamped and cryptographically signed for forensics and compliance purposes.

Real-time alerting and blocking

Monitors traffic in real time, and executes various actions if a certain pattern appears in the command line or on screen. Predefined patterns could be a risky command or text in a text-oriented protocol or a suspicious window title in a graphical connection. In the case of detecting a suspicious user action, Safeguard can log the event, send an alert or immediately terminate the session.

Two modes of operations

Choose which mode suits your needs.

  • Workflow Engine – A workflow engine that supports time restrictions, multiple approvers, reviewers, emergency access, and the expiration of the policy. It also includes the ability to input reason codes and/or integrate directly with ticketing systems. A password request can be automatically approved or require any level of approvals.
  • Instant On - Deploy in transparent mode so that no changes to user workflows are necessary. It can act as a proxy gateway operating like a router in the network – invisible to the user and to the server. Admins can continue to use familiar client applications and can access target servers and systems without any disruption to their daily routine.

Proxy access

Since users have no direct access to resources, the enterprise is protected against unauthorized and unfettered access to sensitive data and systems. Safeguard for Privileged Sessions can proxy and record to many target resources, including UNIX/Linux, Windows, network devices, firewalls, routers and more.

Full-text Search

With it's Optical Character Recognition (OCR) engine, auditors can do full-text searches for both commands and any text seen by the user in the content of the sessions. It can even list file operations and extract transferred files for review. The ability to search session content and metadata accelerates and simplifies forensics and IT troubleshooting.

Характеристики

Characteristics

Multi-factor Authentication
Password Vault
Password Management
Account Management
Sessions Recording
Detailed Access Control
Audit
User Activity Monitoring
Privilege Management
Threat Analytics N/A

Features of users

Роли заинтересованных сотрудников Stakeholders Roles
  • Chief Executive Officer
  • Chief Information Officer
  • Chief IT Security Officer
  • IT Security and Risk Management
Признаки применимости Company requirements
  • Internet access is available for employees
  • IT Security Department in company
Materials