Integrate Endpoint Privilege Management for Mac and BeyondInsight
Overview
Endpoint Privilege Management combines privilege management and application control technology in a single lightweight agent. This scalable solution allows global organizations to reduce the attack surface of their endpoint estate by eliminating local admin rights, enforcing application controls and protecting against the techniques used by modern malware.
With the integration between U-Series Appliance, BeyondInsight, and Endpoint Privilege Management, you have a proven privilege management solution that transmits data about your endpoints and policies to a centralized management console with the reporting and analytic capabilities needed to reduce risk, maximize security, and empower users to work effectively.
Architecture
Prerequisites
- BeyondInsight version 6.9.0.712 or later
- Endpoint Privilege Management for Mac 5.4.51.0 or later
Verify all BeyondInsight and Endpoint Privilege Management components are properly installed in your environment.
For more installation information, see:
- BeyondInsight installation: BeyondInsight Installation Guide.
- Endpoint Privilege Management for Mac: Mac Administration Guide.
Port Requirements
| TCP Port 443 |
An event service is used to communicate between Endpoint Privilege Management and BeyondInsight using port 443. Events from Endpoint Privilege Management are sent to BeyondInsight using this service. Communications over this channel is secured by means of a client certificate. This connection is from the endpoint to the appliance where BeyondInsight is hosted. No ports need to be open on the client side. |
| TCP Port 1443 | Required for the SQL Server database connection from the event server to the server where the database is hosted. |
For information on integrating BeyondTrustEndpoint Privilege Management for Windows with BeyondInsight, see the Endpoint Privilege Management for Windows Integration Guide.
Web Policy Editor and Reporting
- The Web Policy Editor (WPE) is available in BeyondInsight versions 22.1 and later.
- Endpoint Privilege Management Reporting (PMR) is available in BeyondInsight versions 6.10 and later.
To integrate PMR in versions of BeyondInsight prior to 23.1, please contact your BeyondTrust representative for assistance with installing and configuring.
The Web Policy Editor and Endpoint Privilege Management Reporting features are not installed out of the box with BeyondInsight.
Detailed documentation on using WPE and PMR is available in the BeyondInsight User Guide.
