
Unix & Linux systems present high-value targets for external attackers and malicious insiders. The same holds true for networked devices, such as IoT, ICS and SCADA. Gaining root or other privileged credentials makes it easy for attackers to fly under the radar and access sensitive systems and data.
BeyondTrust Privilege Management for Unix & Linux is an enterprise-class, gold-standard privilege management solution that helps security and IT organizations achieve compliance, control privileged access, and prevent and contain breaches that can affect Unix & Linux systems. Extend capabilities far beyond sudo with centralized administration, session monitoring and management, file integrity monitoring, and powerful productivity enhancement.
Provide fine-grained privilege elevation rules to perform only specific tasks or commands.
Protect against unauthorized changes to files, scripts, and directories.
Detect suspicious user, account, and asset activity in real time or on replay.
The BeyondTrust Privilege Management for Unix and Linux implementation was very successful. All server access is limited—even via SSH. The auditors can easily see that procedures are being followed and our IT employees are able to remain productive.
Analyze user behavior by collecting, securely storing, and indexing keystroke logs, session recordings, and other privileged events.
Elevate privileges for standard users on Unix and Linux through fine-grained, policy-based controls.
Enable users to run specific commands and conduct sessions remotely based on rules without logging on as admin or root.
Utilize factors such as time, day, location and application/asset vulnerability status to make privilege elevation decisions.
Audit and report on changes to critical policy, system, application and data files.
Correlate user behavior against asset vulnerability data and security intelligence from best-of-breed security solutions.
Combine Privilege Management with your password vault to increase security and obfuscate passwords.
Leverage built-in syslog capabilities to send information from every event type to Splunk or any other SIEM solution.
Connect to nearly any terminal emulator with a simple line of code and access systems with the privileges you've defined.
First, there is a client installed on the server. This client is used to initiate any elevated command.
These commands are sent off to the second component, which is the policy server. The policy server evaluates the policy and decides centrally based on your business rules who is authorized to run what commands, as well as where and when they can run them.
These commands are recorded in the event log, so we know which commands were attempted and whether or not they ran elevated.
The session recorder then starts a session recording on the policy server before the command is elevated.
Finally, the client runs the command as the run user.
This architecture allows for both centralized policy management and centralized auditing. Rather than being captured locally on the machine where the user has been granted root access, logs are captured off-host, away from the system the user is logged into and trying to elevate on.
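The request flow above, modeled as an added example (this is not BeyondTrust's code): a small policy-server evaluator that checks who/what/where/when rules, writes an event record for every attempt before anything runs, and returns the run user plus whether a session recording should start. The rules, hostnames, commands and timestamps are constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime
from fnmatch import fnmatch

@dataclass
class Rule:
    users: set         # who may elevate
    commands: list     # what: glob patterns matched against the command line
    hosts: list        # where: glob patterns matched against the submitting host
    hours: range       # when: local hours during which the rule applies
    run_as: str        # identity the client runs the command under
    record_session: bool = True

@dataclass
class PolicyServer:
    rules: list
    event_log: list = field(default_factory=list)  # kept centrally, not on the client host

    def evaluate(self, user, host, command, when):
        """Decide one elevation request and record the attempt, accepted or not."""
        decision = {"accept": False, "run_as": None, "record_session": False}
        for r in self.rules:
            if (user in r.users and when.hour in r.hours
                    and any(fnmatch(host, h) for h in r.hosts)
                    and any(fnmatch(command, c) for c in r.commands)):
                decision = {"accept": True, "run_as": r.run_as,
                            "record_session": r.record_session}
                break
        # Logged before anything runs, so rejected attempts are auditable too.
        self.event_log.append({"time": when.isoformat(), "user": user, "host": host,
                               "command": command, "accepted": decision["accept"]})
        return decision

# Constructed sample policy (assumed values, not product defaults).
RULES = [
    Rule({"alice"}, ["systemctl restart web*"], ["web-*"], range(8, 18), "root"),
    Rule({"bob"}, ["cat /var/log/*"], ["*"], range(0, 24), "logreader", record_session=False),
]

def demo():
    """Run four constructed requests through the policy server."""
    server = PolicyServer(RULES)
    day, night = datetime(2024, 1, 15, 10, 0), datetime(2024, 1, 15, 23, 0)
    results = [
        server.evaluate("alice", "web-01", "systemctl restart web-frontend", day),   # in policy
        server.evaluate("alice", "web-01", "systemctl restart web-frontend", night), # outside hours
        server.evaluate("alice", "db-01", "systemctl restart web-frontend", day),    # wrong host
        server.evaluate("bob", "db-01", "cat /var/log/auth.log", night),             # allowed, not recorded
    ]
    return results, server.event_log
```

Note that the event log holds one entry per attempt, including the two rejected ones, which is the off-host audit trail the architecture description refers to.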