Integrate BeyondTrust Privilege Management for Windows with BeyondInsight

Overview

Privilege Management combines privilege management and application control technology in a single lightweight agent. This scalable solution allows global organizations to reduce the attack surface of their endpoint estate by eliminating local admin rights, enforcing application controls and protecting against the techniques used by modern malware.

With the integration between U-Series Appliance, BeyondInsight, and Privilege Management, you have a proven privilege management solution that transmits data about your endpoints and policies to a centralized management console with the reporting and analytics capabilities needed to reduce risk, maximize security and empower users to work effectively.

For information on integrating BeyondTrustPrivilege Management for Mac with BeyondInsight, please see the Privilege Management for Mac Integration Guide.

The Web Policy Editor (WPE) is not installed out of the box with BeyondInsight. Please contact your BeyondTrust representative for assistance with installing the WPE and its associated WPE service in your BeyondInsight environment.

Architecture

BeyondInsight and Privilege Management architecture diagram

Prerequisites

  • BeyondInsight version 6.9.0.712 or later
  • Privilege Management for Windows 5.4.228.0 or later

The reporting component is available in BeyondInsight versions 6.10 and later releases. The Web Policy Editor component is available in BeyondInsight versions 22.1 and later releases. Please contact BeyondTrust Technical Support if you are interested in accessing these features.

The Privilege Management endpoints and the U-Series-BeyondInsight appliance communicate using TLS certificates for authentication of both parties. This guide details how to use the BeyondInsight default client certificate (eEyeEmsClient), but you might prefer to use your own Public Key Infrastructure (PKI).

For more information, please refer to Use a Domain PKI for BeyondInsight Communication in the BeyondInsight Installation Guide.

Network Considerations

TCP Port 443

An event service is used to communicate between Privilege Management and BeyondInsight using port 443. Events from Privilege Management are sent to BeyondInsight using this service. Communications over this channel is secured by means of a client certificate.

This connection is from the endpoint to the appliance where BeyondInsight is hosted. No ports need to be open on the client side.

TCP Port 1443 Required for the SQL Server database connection from the event server to the server where the database is hosted.