Core Privileged Access Manager (BoKS)
Transform your multi-vendor Linux and UNIX server environment into one centrally managed security domain
Centralized Linux and UNIX Access Management for On-Premises and Cloud Environment
Core Privileged Access Manager (BoKS) transforms your multi-vendor Linux and UNIX server environment into one centrally managed security domain. BoKS simplifies your ability to enforce security policies and features a simple configuration framework for streamlined, robust administration. Easily control access to critical systems and information with straightforward deployment. Ensure full control over accounts, access, and privilege, so your IT and security teams can prevent internal and external attacks on critical systems before they start.
Key Benefits
- Centralize user and group provisioning with management to save time and increase operational efficiency
- Centrally manage access control for over-the-network services such as SSH, telnet and ftp (only configured access is allowed)
- Deploy quickly with native packages for all server agent platforms and master & replica platforms
- Enhance security with support for sudo and sudoedit, and automated renewal for node keys
- Leverage Single Sign-On and strong authentication with public key technology and two-factor devices
- Enforce a common password policy across the domain on diverse platforms
- Audit all network login, access, and administration to meet auditor requirements
- Secure, encrypted access with SSH and telnet, enforceable for specified hosts and users
- Direct keystroke logging of user sessions for sensitive operations
- Non kernal-intrusive PAM-based solution, easy to deploy, does not impede kernal patching
- Enhance failover performance with intelligent downloading of database tables
Enhanced and Efficient Account Administration
Core Privileged Access Manager enables organizations to centralize the administration of users, improve the controls over how users are granted access to system resources, as well as enhance the auditability of Linux and UNIX servers.
By eliminating manual processes and inefficiencies, organizations can significantly improve administrator productivity while providing a more secure computing environment.
- Within minutes, centrally create, modify, and/or remove users and groups across server environment
- User password and group synchronization are pushed automatically
- Integration with external Directories - LDAPS/LDAP based
- Bridging with Microsoft Active Directory - making User and Host Groups visible in AD, reducing operational costs
- Integration with external Identity/ Role and Federation services as sources of identity using Web Services
Granular Access and Privileged Access Management
IT security teams are challenged with protecting sensitive data, and enabling users across the organization to maintain productivity. You can bridge that gap between IT security and user enablement with Core Privileged Access Manager's granular privileged access management solution. As a result, your organization will become more secure, meet (and simplify) compliance, and increase overall operational efficiency.
- Define and enforce who is granted elevated privilege, when, from where, and how
- Control which commands can be executed by privileged users, (“SUDO”) and audit privileged activity
- Granular assignment of who can switch sessions ("SU”)
- Assign groups of commands instead of giving open root access to all commands
- Define with policy which SUDO sessions are keystroke logged, based on risk and user
- Remove the need for distribution of sudoers files with configuration management solutions or scripts.