Integrate Endpoint Privilege Management for Windows with BeyondInsight
Overview
Endpoint Privilege Management combines privilege management and application control technology in a single lightweight agent. This scalable solution allows global organizations to reduce the attack surface of their endpoint estate by eliminating local admin rights, enforcing application controls and protecting against the techniques used by modern malware.
With the integration between U-Series Appliance, BeyondInsight, and Endpoint Privilege Management, you have a proven privilege management solution that transmits data about your endpoints and policies to a centralized management console with the reporting and analytic capabilities needed to reduce risk, maximize security, and empower users to work effectively.
Architecture
Prerequisites
- BeyondInsight version 6.9.0.712 or later
- Endpoint Privilege Management for Windows 5.4.228.0 or later
The Endpoint Privilege Management endpoints and the U-Series-BeyondInsight appliance communicate using TLS certificates for authentication of both parties. This guide details how to use the BeyondInsight default client certificate (eEyeEmsClient), but you may prefer to use your own Public Key Infrastructure (PKI).
For more information, see Use a Domain PKI for BeyondInsight Communication in the BeyondInsight Installation Guide.
Port Requirements
| TCP Port 443 |
An event service is used to communicate between Endpoint Privilege Management and BeyondInsight using port 443. Events from Endpoint Privilege Management are sent to BeyondInsight using this service. Communications over this channel is secured by means of a client certificate. This connection is from the endpoint to the appliance where BeyondInsight is hosted. No ports need to be open on the client side. |
| TCP Port 1443 | Required for the SQL Server database connection from the event server to the server where the database is hosted. |
For information on integrating BeyondTrust Endpoint Privilege Management for Mac with BeyondInsight, see the Endpoint Privilege Management for Mac Integration Guide.
Web Policy Editor and Reporting
- The Web Policy Editor (WPE) is available in BeyondInsight versions 22.1 and later.
- Endpoint Privilege Management Reporting (PMR) is available in BeyondInsight versions 6.10 and later.
To integrate PMR in versions of BeyondInsight prior to 23.1, please contact your BeyondTrust representative for assistance with installing and configuring.
The Web Policy Editor and Endpoint Privilege Management Reporting features are not installed out of the box with BeyondInsight.
Detailed documentation on using WPE and PMR is available in the BeyondInsight User Guide.
