Beyondtrust

PowerBroker Servers:
UNIX & Linux Privilege Management + Active Directory Bridging

A single solution for Linux and Unix server compliance. Integrate your open systems into your Active Directory environment, while replacing sudo in heavily regulated environments.

Server Compliance in the Data Center or the Cloud

For organizations where compliance is the rule, not the quarterly exception, controls over critical server systems must be managed and enforced with institutional consistency. Doling out privileges via the sudo command, or having Linux and Unix systems left apart from centralized policy is not an option.

PowerBroker Servers provides a simple way implement privileged access policy and the ability to log, monitor, and report on user access. Now, you can centralize the management of your Linux and UNIX users, groups and computers with powerful integration with Microsoft Active Directory. This centralized approach to managing privileged access in the virtual datacenter has shown to significantly reduce operational complexity and costs, protect critical assets from misuse of privileged access and demonstrate compliance.

PowerBroker Servers, Enterprise UI
XING
“With PowerBroker, we have better user engagement/experience for our customers, along with better security.” Director of Site operations, XING

Server Security Lifecycle

Endpoint Security Lifecycle - Discover

Key Benefits

  • Accurate baseline for all follow-on assessment activities
  • Target identification for least-privilege or other server projects such as consolidation or virtualization
  • Creation of server-specific Smart Groups for regular assessments, risk prioritization and reporting

Key BeyondTrust Capabilities

  • Provides complete inventory of server assets (approved and rogue)
  • Cataloging of full system information (OS, device, applications, services, ports etc.)
  • Discovery of local users, groups and privilege data across distributed server environment
Endpoint Security Lifecycle - Assessment

Key Benefits

  • Proactive identification of vulnerabilities, misconfigurations and policy violations
  • Threat assessments on servers operating system, applications and configurations
  • Custom audits/assessments allow for identification of non-standard assets, software or configurations

Key BeyondTrust Capabilities

  • Accurate, actionable data helps drive proper remediation actions, accelerating risk reduction
  • Risk scoring streamlines the classification of most at-risk devices
  • Intuitive trending data for easy analysis, enabling better security strategy decisions
Enterprise Security Lifecycle - Comply

Key Benefits

  • “Operational GPS” directs IT to which actions provide the most risk-reduction benefits
  • Automated reporting on compliance efforts creates consistency and accountability, while driving down costs
  • Enterprise policy management and reporting

Key BeyondTrust Capabilities

  • Least Privilege implementation across the enterprise
  • Active Directory bridging across the enterprise
  • Robust database auditing
  • Non-Microsoft application patching
Endpoint Security Lifecycle - Optimize

Key Benefits

  • Receive an immediate ‘state of the union’ with regards to your server deployment through Risk Scoring
  • Greater efficiency via enterprise-centric capabilities such as role based access, internal auditing, ticketing, and integration with existing infrastructure investments

Key BeyondTrust Capabilities

  • Centralized management, reporting and logging
  • Role based policy, alert and reporting management
  • Virtual Vulnerability Scans on elevated commands and applications

FEATURES & BENEFITS

Directory Migration

Automatically map UIDs and GIDs to users and groups defined in active directory by importing Linux, UNIX, and Mac OS password and group files

Institutional Control for User Activity

Flexibly control user activity through fined-grained policies that can invoke any action; from initiating an email approval workflow to validating a help desk ticket

Mature Your Operations Beyond sudo

Quickly integrate and secure your existing operations by effortlessly converting your sudoer files into PowerBroker Server policies with our sudo converter

Secure, Compliant Privilege Delegation

In a more secure fashion than using sudo, delegate privileges without disclosing the root password on UNIX, Linux, and Mac OS X platforms

Why BeyondTrust for Server Security

  • We make life easier for system administrators by empowering them to use a single familiar tool set to manage both Windows and Unix systems
  • Quickly meet access/authorization regulations as described in SOX, HIPAA, GLBA, PCI DSS, FDCC and FISMA
  • Granularly control user access to programs, files, and directories as well as brokering system tasks, without sudo
  • Enables one-to-many management of Unix, Linux, and Mac OS X configuration settings
  • Centralized log data facilitates controlled access to session activity information
  • Centralized policy store allows for a single control point for managing user privileges
  • Time-stamped logs for every administrative, user-level, and application activity ensures that no suspicious activity goes unnoticed
  • Supports flexible integration scenarios with Active Directory and other directory services, from basic authentication enablement to storage and lookup of PowerBroker policy data
University of Winchester

Related Products

To learn more about our products for securing your environment, select a product area below:

PowerBroker Identity Services

Quickly and easily integrate your Linux and Unix servers into your Active Directory Infrastructure

PowerBroker UNIX & Linux

Quickly and easily manage root access on UNIX and Linux servers, without ever disclosing the system password

PowerBroker Password Safe

Automate Password Management for Increased Security across your entire dynamic infrastructure

SCREENSHOTS