PowerBroker UNIX & Linux: Privilege and Session Management
Achieve control over root account privileges with centralized analytics, reporting, and keystroke logging. Reduce risk and address compliance concerns more comprehensively than with sudo.
Proven Privilege and Session Management for
UNIX, Linux and Mac Servers
PowerBroker for UNIX & Linux allows system administrators to delegate UNIX, Linux and Mac OS X privileges and authorization without disclosing passwords for root or other accounts. The solution can also record all privileged sessions for audits, including keystroke information. Use PowerBroker to meet the privileged access control requirements of government and industry mandates including SOX, HIPAA, PCI DSS, GLBA, PCI, FDCC and FISMA.
- Enable users to perform specified administrative tasks without disclosing passwords
- Integrate all policies, roles and log data via a web-based console
- Automate workflows for policies and audit-ready logging
- Broker permissions transparently, ensuring user productivity and compliance
- Record and index all sessions for quick discovery during audits
- Leverage across more than 30 different Unix/Linux platforms
“In PowerBroker for Servers, we found a cost-effective, robust solution for securely managing privileged access, satisfying compliance regulations and increasing productivity.”Enterprise Systems Team Lead,Los Alamos National Laboratory
[Read the Case Study]
- Achieve Control and Accountability
- Enhance security through fine-grained, policy-based control of privileged accounts. Conduct asset and privilege discovery. Prevent unapproved privileged account activity. Granularly delegate root admin privileges. Achieve policy driven command elevation and auditing with no change to the user experience.
- Comply with Ease
- Compartmentalize IT tasks that require privileged accounts, enabling segregation of duties. Gain visibility through detailed, centralized event logs of elevated commands and keystroke logging capabilities, featuring DVR-style recording of all activity performed by the user.
- Migration Path from SUDO
- With support for more than 30 UNIX/Linux platforms, PowerBroker is one of the most comprehensive solutions to enable users to run commands at a higher privilege level. This breadth, in addition to industry-standard encryption, provides the confidence to replace existing open-source options such as sudo with a commercially supported solution.
- Gain Greater Insights to Reduce Risk
- Free for all PowerBroker for UNIX & Linux customers, the fully-integrated BeyondInsight IT Risk Management platform provides advanced features including dynamic asset discovery and targeting, flexible alerting and reporting, advanced analytics, and centralized I/O index and search capabilities.
- Segregation of Duties: Centralized control allows for true separation of duties, limiting users, administrators and auditors access to only the data relevant to them.
- Flexible Authentication & Authorization: Pluggable Authentication Module (PAM) support enables PowerBroker for UNIX & Linux to utilize industry-standard authentication systems.
- Track activity: Time-stamped logs for every administrative, user-level, and application activity ensures that no suspicious activity goes unnoticed.
- Secure logging: Centralized log data facilitates controlled access to session activity information
- Encrypted: Supports 30 encryption methods for policies, logs, and network traffic, assuring compatibility within virtually any IT infrastructure. Ensures all user and admin activity are encrypted to selectable, industry-standard algorithms and stored in a secure, centralized location.
- Granular delegation of privileged accounts: Partitions privileged accounts such as root, granting users and admins access to only the specific entitlements required to perform a given task, achieving a least-privilege model.
- Centralized administration and auditing: Greatly reduces the administration and overhead normally associated with policies and audit tasks.
- Flexible Policy Language: Determines who can do what, where, when, and why providing granular options to the administrator.
- Extensive platform support: Supports over 175 UNIX, Linux, and Mac OSX platforms (full list).
- User management: Granularly controls user access to programs, files, and directories as well as brokering system tasks, without sudo.
PowerBroker UNIX & Linux
Download this overview document containing capabilities, highlights and competitive advantages of PowerBroker for UNIX & Linux. PBUL allows system administrators to delegate UNIX, Linux and Mac OS X privileges and authorization without disclosing passwords for root or other accounts. The solution can also record all privileged sessions for audits, including keystroke information.
DCI Exceeds Compliance Requirements for Privilege and Password Management
DCI implements PowerBroker Unix & Linux and PowerBroker Password Safe to meet immediate compliance needs, while future-proofing their processes for upcoming financial services regulations.
Multinational Bank Integrates PBUL with its Own Custom Permissions System to Achieve Global Compliance
BeyondTrust assist a well-known banking and finance company with a custom integration between the bank’s current home-grown privilege management system and PowerBroker UNIX and Linux.
Improving Efficiency in IT Administration via Automated Policy Workflows in UNIX/Linux
This white paper highlights recommended steps to successfully implement automated policy management processes within UNIX/Linux systems using the privileged access lifecycle management framework. Lastly, we will focus on PSMC, the unifying platform solution to centralize policies, reporting and workflow engines, and deliver higher manageability, security and compliance capabilities.
PowerBroker Root Access Risk Control for the Enterprise
Compliance efforts and security concerns have driven businesses to make substantial investments in threat control. Too often, however, these efforts pay far too little heed to the risks posed by poorly controlled access to administrative privilege in IT, which can have a hugely disproportionate impact on the business.
Successfully Securing the Open Source Enterprise Privileged User Management in Linux Environments
Linux mastermind Sander van Vugt gives an overview of the current options that are available in the Linux operating system and discusses some features that can cause potential problems in modern enterprise environments.
Windows doesn’t make least privilege easy Enforcing least-privilege access policies on Windows has never been easy – especially given some fundamental flaws have haunted the OS since the mid-1990s. Consider the following permissions issues: Windows 95 and 98 had a logon screen and could even be joined to the domain, but users could bypass the prompt... more
Accelerate and Simplify Deployment of PowerBroker Privilege Management Solutions with Oracle VM Templates
On April 17th, Oracle and BeyondTrust experts Doan Nguyen and Paul Harper shared how leveraging Oracle VM Templates can automate and simplify the deployment of the PowerBroker for UNIX & Linux privilege management solution across your IT environment. See below for an embedded, on-demand recording of the webcast. Oracle and BeyondTrust Team Up The partnership... more
This week BeyondTrust released a fully functional Web Services interface (REST API) for its PowerBroker for Unix & Linux product. With this new feature users of the solution will now be able to remotely and securely configure and retrieve data via the API. The Web Services interface implemented by BeyondTrust is an industry standard that... more
The 5 Things Every Linux Administrator Should (and Should Not) Do When It Comes to Privileged Account Management
When it comes to privileged account management the list of things an administrator can do to protect their environment is seemingly never ending. Last week we hosted a webinar with Oracle Linux and presented a list of 5 things every Linux administrator should, and should not, do when managing privileged accounts. Given the current security... more
Did you know that 40% of employees have unnecessary access rights? What about that over 25% of employees admitted to having retrieved information not relevant to their job like financial, reports, salary info, HR and personnel docs? Now have I caught your attention? As our latest security survey proves, insider threats continue to be a... more
We are very excited for the announcement of our latest release of PowerBroker Identity Services 7.5, the industry’s most effective solution for bridging Linux, UNIX and Mac OS X assets into Active Directory. This latest update provides the strongest communications encryption to date, as well as the utmost flexibility with regards to event notification and management.... more
When reading a recent article in the USA Today about how Edward Snowden, a former Booz Allen Hamilton employee and NSA contractor, was able to steal sensitive data via non-specific vectors, I was reminded of the illusion that threats are predominately external to organizations. Even though we might not know exactly how Snowden was able to... more
No one will dispute that Oracle is a heavyweight when it comes to the relational database market, but Oracle is far more than a one trick pony. Oracle has a plethora of enterprise products and hardware solutions that will fit the needs of almost any business. However the key to success for many of the... moreSee all PowerBroker UNIX & Linux blog posts
PowerBroker Servers for UNIX & Linux is part of the BeyondInsight IT Risk Management Platform, which unifies PowerBroker privileged account management solutions with Retina CS Enterprise Vulnerability Management. Capabilities include:
- Centralized solution management and control via common dashboards
- Asset discovery, profiling and grouping
- Reporting and analytics
- Workflow and ticketing
- Data sharing between Retina and PowerBroker solutions
The result is a fusion of user and asset intelligence that allows IT and security teams to collectively reduce risk across complex environments.
Identifying, prioritizing, remediating, and mitigating
computer and network vulnerabilities.
Privileged Account Management
Managing user authorization to prevent internal data
breaches and meet compliance regulations.