PowerBroker Servers:
Unix & Linux Privilege Management + Active Directory Bridging

Achieve compliance and improve efficiency in Unix, Linux and Mac environments by implementing root account privilege and session management, integrating open systems into Active Directory, and utilizing Group Policy for consistent configuration management. Replace sudo in heavily regulated environments.

Unix and Linux Compliance in the Data Center or the Cloud

PowerBroker Servers enables IT organizations to implement privileged access policy across Unix, Linux and Mac environments, while centralizing management through Microsoft Active Directory and achieving consistent configuration with Group Policy. This centralized approach to managing privileged access in the virtual datacenter reduces complexity and cost, provides a secure alternative to sudo, and helps IT more efficiently demonstrate compliance.

  • Enable users to perform specified administrative tasks without disclosing passwords
  • Record and index all sessions for quick discovery during audits
  • Enable users to leverage their AD credentials to access Unix, Linux or Mac systems
  • Attain consistent configuration by extending native group policy management tools to include settings for Unix, Linux and Mac
  • Consolidate directories to simplify management of complex environments
  • Leverage across more than 30 different Unix & Linux platforms
Unix and Linux Server Privilege Management

“With PowerBroker, we have better user engagement/ experience for our customers, along with better security.”

Director of Site operations, XING
[Read the Case Study]
  • Free Trial
  • Get a Quote
  • 1:1 Demo
  • Contact Us
  • Rely on Secure, Compliant Privilege Delegation
    Delegate privileges more securely than with sudo, without disclosing the root password on Unix, Linux, and Mac OS X platforms. Monitor sessions with DVR-style recording for a complete audit trail.

    Extend Group Policy to Achieve Compliance
    Enable consistent configuration enterprise-wide by extending native Group Policy management tools to include specific group policy settings for Unix, Linux and Mac. Supports compliance with SOX, PCI, HIPAA, and other regulations across all systems by replacing NIS with an Active Directory infrastructure.
    Leverage AD for Authentication and Authorization
    Centralize authentication and authorization to enable users to log into Unix, Linux, or Mac systems using their Active Directory usernames and passwords. A single password policy set in Active Directory applies to all joined systems, including Kerberos SSO to SAP, Siebel, and other key enterprise applications.
    Consolidate or Migrate Directories
    Facilitate migration from multiple authentication mechanisms, identities, and directories to a single Active Directory-based infrastructure for all systems and users. This centralizes control and speeds user onboarding and offboarding. PowerBroker Identity Services provides a pluggable framework with an interface similar to Microsoft's Management Console on Linux or Mac OS X.


    • Empower administrators: Provides a single, familiar tool set to manage both Windows and Unix systems.
    • Replace sudo: Granularly controls user access to programs, files, and directories as well as brokering system tasks, without sudo.
    • Robust: Supports flexible integration scenarios with Active Directory and other directory services, from basic authentication enablement to storage and lookup of PowerBroker policy data.


    • Secure logging: Centralized log data facilitates controlled access to session activity information.
    • Simplify policy management: Centralized policy store enables a single control point for managing user privileges.


    • Achieve compliance: Quickly meets access/authorization regulations as described in SOX, HIPAA, GLBA, PCI DSS, FDCC and FISMA.
    • Group policy: Enables one-to-many management of Unix, Linux, and Mac OS X configuration settings.
    • Track activity: Time-stamped logs for every administrative, user-level, and application activity ensures that no suspicious activity goes unnoticed.


    PowerBroker Servers Enterprise

    PowerBroker Servers Enterprise

    Download this overview document containing capabilities, highlights and competitive advantages of PowerBroker Servers Enterprise. PowerBroker Servers Enterprise enables centralized management of your Linux and Unix users, groups and computers with powerful integration with Microsoft Active Directory. PowerBroker protects against intentional or accidental misuse of privilege that would otherwise allow insiders and hackers to facilitate attacks executing privileged commands.

    Case Study

    XING Case Study

    XING Improves Security and Transparency of Access Rights with PowerBroker

    Read this Case Study of Xing's implementation PowerBroker Servers. XING is a social network for business professionals. With PowerBroker they improved overall security, supported an increase in the level of privileged accounts and enabled a less time-consuming process.

    Case Study

    A Smooth Road to Compliance for a Large Health Plan

    A Smooth Road to Compliance for a Large Health Plan

    As a Unix shop, this large health company also needed a solution that could perform the deep, credentialed scans required for real protection from vulnerabilities, while also protecting the system’s root password.

    Your Data Security Strategy Starts with Deploying a Least Privilege Model (part 2 of 2)


    In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report... more

    Getting Least Privilege Right on Windows


    Windows doesn’t make least privilege easy Enforcing least-privilege access policies on Windows has never been easy – especially given some fundamental flaws have haunted the OS since the mid-1990s. Consider the following permissions issues: Windows 95 and 98 had a logon screen and could even be joined to the domain, but users could bypass the prompt... more

    Accelerate and Simplify Deployment of PowerBroker Privilege Management Solutions with Oracle VM Templates


    On April 17th, Oracle and BeyondTrust experts Doan Nguyen and Paul Harper shared how leveraging Oracle VM Templates can automate and simplify the deployment of the PowerBroker for UNIX & Linux privilege management solution across your IT environment. See below for an embedded, on-demand recording of the webcast. Oracle and BeyondTrust Team Up The partnership... more

    PowerBroker for Unix & Linux Now Available via Web Services


    This week BeyondTrust released a fully functional Web Services interface (REST API) for its PowerBroker for Unix & Linux product.  With this new feature users of the solution will now be able to remotely and securely configure and retrieve data via the API.  The Web Services interface implemented by BeyondTrust is an industry standard that... more

    The 5 Things Every Linux Administrator Should (and Should Not) Do When It Comes to Privileged Account Management


    When it comes to privileged account management the list of things an administrator can do to protect their environment is seemingly never ending. Last week we hosted a webinar with Oracle Linux and presented a list of 5 things every Linux administrator should, and should not, do when managing privileged accounts. Given the current security... more

    Privilege gone wild! Our latest survey finds privileged users are out of control.


    Did you know that 40% of employees have unnecessary access rights? What about that over 25% of employees admitted to having retrieved information not relevant to their job like financial, reports, salary info, HR and personnel docs? Now have I caught your attention? As our latest security survey proves, insider threats continue to be a... more

    Our Newest Product Release: PowerBroker Identity Services 7.5


    We are very excited for the announcement of our latest release of PowerBroker Identity Services 7.5, the industry’s most effective solution for bridging Linux, UNIX and Mac OS X assets into Active Directory. This latest update provides the strongest communications encryption to date, as well as the utmost flexibility with regards to event notification and management.... more

    Think You’re Safe from Internal Threats? The NSA Breach Will Make You Think Twice.


    When reading a recent article in the USA Today about how Edward Snowden, a former Booz Allen Hamilton employee and NSA contractor, was able to steal sensitive data via non-specific vectors, I was reminded of the illusion that threats are predominately external to organizations. Even though we might not know exactly how Snowden was able to... more

    BeyondTrust & Oracle, The Perfect Partnership


    No one will dispute that Oracle is a heavyweight when it comes to the relational database market, but Oracle is far more than a one trick pony.  Oracle has a plethora of enterprise products and hardware solutions that will fit the needs of almost any business.  However the key to success for many of the... more

    sudo authentication bypass when clock is reset


    A recent discovery by a German researcher, Marco Schoepl, found that it is possible for a user to bypass sudo authentication by resetting the clock. To read more about this vulnerability see the articles on and What we have found is that many highly secure customers have already adopted the timestamp_timeout=0 setting which... more

    See all PowerBroker Servers Enterprise blog posts

    VMware Plug-in for Retina

    The industry's first and only vulnerability management solution directly integrated into vCenter.


    Retina CS Enterprise Vulnerability Management

    Delivers large-scale, cross-platform vulnerability assessment and remediation, with available configuration compliance, patch management and compliance reporting.

    Learn More Request a Free Trial

    Retina CS Enterprise Vulnerability Management

    The Cofiguration Compliance Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

    Learn More

    Retina CS Enterprise Vulnerability Management

    The Patch Management Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

    Learn More

    Retina CS Enterprise Vulnerability Management

    The Regulatory Reporting Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

    Learn More

    Retina Network Security Scanner

    Integrated network, web & virtual vulnerability assessment. Retina is the security industry’s most respected and industry-validated security scanner and serves as the engine for our vulnerability management solutions. There is no better option for securing your network from vulnerabilities.

    Learn More

    Retina Web Security Scanner

    Rapidly and accurately scan large, complex web sites and web applications to tackle web-based vulnerabilities including cross-site scripting (XSS) and SQL injection.

    Learn More

    PowerBroker Event Vault

    Automate and streamline the collection and management of standard Windows event log data and provide scalable and flexible centralized storage in the PowerBroker event database.

    Learn More

    PowerBroker Identity Services

    Quickly and easily integrate your Unix and Linux servers into your Active Directory infrastructure.

    Learn More

    PowerBroker Identity Services Open Edition

    Available as a free and open source version of PowerBroker Identity Services, giving you the access and flexibility to tailor your Active Directory bridging project

    Download Now

    PowerBroker for Unix & Linux

    Quickly and easily manage root access on Unix and Linux servers, without ever disclosing the system password.

    Learn More Request a Free Trial

    PowerBroker for Windows

    Implement least privilege for your Windows desktop environment, reducing attack surface and driving down costs.

    Learn More Request a Free Trial

    PowerBroker Auditor
    for Active Directory

    Track unauthorized changes to Active Directory and Group Policy configurations.

    Learn More Request a Free Trial

    PowerBroker Auditor
    for Exchange

    Tracks and reports all changes made to all Exchange Server configurations, groups, mailbox policies, information store changes, and permissions in a centralized audit log.

    Learn More Request a Free Trial

    PowerBroker Auditor
    for File System

    Enables tighter security and control over file system resources, including real-time tracking, interactive analysis, and flexible reporting on all key share, file, and folder changes.

    Learn More Request a Free Trial

    PowerBroker Auditor
    for SQL Server

    Monitor and review privileged user changes on SQL servers. Easily map your SQL activities with regulatory mandates such as GLBA, SOX, HIPAA, and PCI through consistent auditing and reporting.

    Learn More Request a Free Trial

    PowerBroker Privilege Explorer

    Provides a centralized view of access and privileges, so you can be sure that users have access to the resources they need to do their jobs, and only those resources.

    Learn More Request a Free Trial

    PowerBroker Endpoint Protection Platform

    Formerly known as "Blink", multi-layered security and attack prevention for windows desktops and servers.

    Learn More Request a Free Trial

    PowerBroker Recovery
    for Active Directory

    Advanced continuous data protection for Active Directory, providing unparalleled visibility and change control.

    Learn More Request a Free Trial

    PowerBroker Servers Enterprise

    Combine the power of our Unix/Linux root delegation and our AD bridging for an enterprise approach to server compliance

    Learn More Request a Free Trial

    PowerBroker Password Safe

    Automate Password Management for Increased Security across your entire dynamic infrastructure.

    Learn More Request a Free Trial


    A cloud-based, external vulnerability assessment solution that conducts fast, affordable security assessments of your public-facing network infrastructure and web applications.

    Learn More Request a Free Trial


    Merge privileged account management and vulnerability management solutions into a single, contextual lens through which to view and address user and asset risk.

    Learn More Request a Free Trial

    Retina Protection Agent

    Close the security gap created by systems that can't be reached with remote vulnerability assessments alone with this lightweight agent for local vulnerability assessment, continuous zero-day vulnerability monitoring, and intrusion prevention.

    Learn More

    Configuration Compliance Module

    This Retina CS add-on module defines and manages security policies to monitor compliance with industry and internally developed benchmarks such as Microsoft, NIST, USBCG, and DISA STIGs.

    Learn More

    Patch Management Module

    This Retina CS add-on module seamlessly integrated, automated, agentless Windows patch management closes the loop on unpatched vulnerabilities.

    Learn More

    Regulatory Reporting Module

    This Retina CS add-on module contains automated solutions to help navigate complex corporate policies, government regulations, and industry standards such as SOX, PCI, FISMA, and ISO.

    Learn More

    BeyondInsight Built-In

    PowerBroker Servers Enterprise is part of the BeyondInsight IT Risk Management Platform, which unifies PowerBroker privileged account management solutions with Retina CS Enterprise Vulnerability Management. Capabilities include:

    • Centralized solution management and control via common dashboards
    • Asset discovery, profiling and grouping
    • Reporting and analytics
    • Workflow and ticketing
    • Data sharing between Retina and PowerBroker solutions

    The result is a fusion of user and asset intelligence that allows IT and security teams to collectively reduce risk across complex environments.

    PowerBroker Servers Enterprise

    Vulnerability Management

    Identifying, prioritizing, remediating, and mitigating
    computer and network vulnerabilities.

    Privileged Account Management

    Managing user authorization to prevent internal data
    breaches and meet compliance regulations.

    PAM & VM For
    Stronger IT Security