Frequently Asked Questions (FAQ)

Is the PowerBroker Management Console (PBMC) a hardware or software solution?
The PowerBroker Management Console (PBMC) is a web-based application, accessible anywhere via Internet Explorer v7.0, Mozilla Firefox v2.0 and v3.0. PBMC does not require software installation on any of the systems using the interface. Users connect to the management console using HTTPS encryption, a security protocol used for transmitting sensitive data over the web.

What are host identities used for?
Host identities are defined as a specific username associated with a specific host (e.g., username@hostname).

What is a context?
A context is defined as a group of related hosts. Each context must be associated with an authentication source.

Is there an auto-discovery option for new hosts?
Yes. PBMC includes auto-discovery of new hosts and/or users from log data.

Does PBMC provide user authentication?
PBMC provides user authentication components via Active Directory, LDAP, and/or the BeyondTrust Common Database. PBMC authentication security can be delegated down to the method-level, using web filters.

Does BeyondTrust offer a free trial to evaluate the PBMC solution?
Yes. BeyondTrust offers a free 30-day trial which includes full 24x7x365 technical support.

Does PBMC offer tangible cost savings and/or productivity boosts?
PBMC will lower the cost of managing security, while simultaneously improving operational performance through enhanced application integration using real-time data. With PBMC, IT administrators will be able to configure and manage hundreds-to-thousands of systems in a fraction of the time it usually takes to perform traditional security implementations.

What is the BeyondTrust Common Database?
The BeyondTrust Common Database operates as a central repository for shared common data utilized between products. Data becomes much more transparent and manageable for administrators, ensuring that security policy files are deployed centrally throughout the network.

Which databases are supported by PBMC?
PBMC supports Oracle® 10g and 11g, Sun MySQL®, PostgreSQL and Apache Derby databases.

Does PBMC provide Role-Based Access Control (RBAC)?
Yes. Using PBMC’s eWorkflow feature provides comprehensive support for separation of duties for policy management (e.g., a separate group responsible for policy creation, policy approval, policy deployment, and log audits). eWorkflow brings intelligent security that strengthens role-based access control (RBAC), and is automated and actionable, empowering organizations to make quick and effective decisions.

How long does it generally take to process and enforce security policies?
PBMC will update every revised security policy in real-time, and enforce every security policy created.

Describe the log review and approval workflow within PBMC.
Every policy management action is logged, and as logs are received, PBMC will queue them for review and reviewer assignment, dependent upon the roles and permissions defined within the security policy files. PBMC identifies the proper reviewers, using filters based on submit host, submit user, run host, run user, user group and context. Once the appropriate “reviewer unit” receives a queue alert, they will determine if the logs require the enforcement of an escalation policy for incomplete reviews and approvals.

What are the log review options to ensure enterprise compliance?
Yes. BeyondTrust PowerBroker v6.0 integrates with PBMC v1.0 to centrally gather, manage, and review logs, from each system, all in one place. Log data can be pooled together for review and reports can be automated and scheduled to run at any time.

How is PowerBroker enhanced with the integration into PBMC?
After integrating BeyondTrust PowerBroker v6.0 with PBMC v1.0, the management console will oversee all of the IT security policies, authentication and configuration of users, groups, and systems, and automated shared account password management. This will result in streamlining threat, vulnerability, and security policy information to simplify compliance.

Does operating the management console require advanced scripting knowledge or experience?
No. PowerBroker offers configuration via the standard command line interface (CLI), but also via a web-based graphical user interface (GUI) to provide a user-friendly alternative in administering PowerBroker. The web interface allows administrators to easily modify the PowerBroker settings file, view event records from the event log, replay keystroke logs, and create and modify policy files. This easy-to-use interface will enable non-programmers to create security policies that support regulatory compliance.

What are the client/server requirements to run PBMC?
Before installing PBMC, it is important to verify that the following requirements are met for servers and clients:

Server Requirements*
- 2.0 GB minimum memory for Apache Tomcat and Apache ActiveMQ Message Broker - Operating system: Unix/Linux. For detailed information, please see the product README document. - Java JDK v1.6 or later. - Apache Tomcat v6.0.18 or later. - Apache ActiveMQ Message Broker v5.1 or later. - Databases supported: Oracle® 10g and 11g, Sun MySQL®, PostgreSQL, and Apache Derby. *Please Note: These requirements are “beta” requirements, and may change for GA.

Client Requirements
To access PBMC, your client must have the following available: For Windows, one of the following Web browsers and versions: - Internet Explorer v7.0 - Mozilla Firefox v2.0 or v3.0 For Unix/Linux, the following version of the Web browser: - Mozilla Firefox v3.0