BeyondTrust
blog-windows-quarantine


We are pleased to announce the availability of PowerBroker for Windows version 7.0, released today and building on patented least privilege management capabilities. This release is packed with enhancements meant to further simplify least privilege management and deployments. Read on to learn what’s new...


Windows 10 Support

PowerBroker for Windows version 7.0 includes support for the newest Microsoft operating system, Windows 10.

Stacking Policies Add Granularity to Policy Management via Web Services

Many organizations require greater granularity of access policy than what typical web services can provide. For example, every user in a company can perform a basic set of actions, but for a select group of computers in the company, there should be a special set of policies applicable only to them. If they choose to use web services instead of Group Policy for policy management, the company should have the same capability available to them and not be limited by a single policy set.

PowerBroker for Windows version 7.0 adds greater granularity to policy management delivered through web services with new stacking policies. This aggregation of policy sets provides similar capability found in our Group Policy management, but delivered via web services instead.

Item-Level Targeting for Web Services Improves Control over Policies

To further enhance capabilities of the PowerBroker for Windows Web Services model, Item-Level Targeting for Collections and Individual Rules have been added into the Policy Editor. This is the same targeting functionality available from the Group Policy model of policy management and allows for better control of applications without having to apply multiple policy sets.

New Quarantine Rules Enable Privilege Polices Based on Threat Intelligence

PowerBroker for Windows feeds event data on executed applications into BeyondInsight, BeyondTrust’s IT Risk Management Platform. This data includes, for example, whether the privilege elevation rule is working. In all events, a hash is in the background. BeyondInsight runs the hashes through Clarity Threat Analytics, with malware confidence reporting back as low, medium or high. Based on an organization’s threat tolerance, if there is a high confidence that malware is present in the file, PowerBroker for Windows can quarantine that file from the system.

This capability compliments PowerBroker for Windows’ Privilege Identity, Application Control, and Vulnerability based rules and enables more informed security decisions to be made based on very comprehensive threat intelligence, and allowing organizations get more from their security investments. Files can also be restored from quarantine using this new functionality.

Service Account Credential Automation through PowerBroker Password Safe

In the Windows operating system, one of the properties of each of the services running on the box is the account used to start it up; the ‘Log On As’ property. As with any other credential, these service accounts should be properly managed to prevent misuse. However, admins would have to go to any services that the account is in control of so that it starts with the right credentials, meaning cycling service account passwords can quickly become an administrative nightmare.

PowerBroker for Windows version 7.0 solves this problem. For service accounts with credentials managed by PowerBroker Password Safe, organizations can automate the cycling of service account credentials through PowerBroker for Windows when a connection between the Windows machine and Password Safe was not available during the scheduled password change. This level of automation greatly simplifies password management on critical service accounts.

If you would like to learn more about these new capabilities, check out the What’s New features document, watch a short video, or contact us today.

You May Also Be Interested In: