PowerBroker for sudo

PowerBroker for Sudo

Sudo Security

Centralized policy, logging and version control for sudo activities

Centralized Sudoers Management with Change Control

BeyondTrust PowerBroker for Sudo provides centralized policy, logging and version control with change management for multiple sudoers files. The solution simplifies policy management, improves log security and reliability, and increases visibility into entitlements. This makes it easier for you to securely manage on low-priority servers or in areas where completely replacing sudo is not feasible. When ready, you can then utilize PowerBroker for Sudo along with PowerBroker for Unix & Linux for comprehensive privilege management.

  • Implement a centralized repository with change management functionality
  • Provide storage for multiple sudoer configurations for all individual hosts
  • Centralize event logs and session logs into a single store
  • Define user/host roles across the enterprise with enhanced policy groupings
Centralize to Simplify

Centralize to Simplify

Centralize multiple sudoers files in a repository with change management. Enhanced policy groupings help to more easily define user roles across the enterprise.

Migration Path to Full Unix and Linux Privilege Management

Migration Path to Full Unix and Linux Privilege Management

Central database, sudo policy, management, logging and change control provides a simplified migration strategy for customers looking to move from sudo.

Single Console for Management, Policy

Single Console for Management, Policy

Deployments, upgrades and policies for PowerBroker for Unix & Linux, PowerBroker Identity Services and PowerBroker for Sudo are unified in the PowerBroker Servers Management Console, an HTML5-based web interface that simplifies management of your Unix and Linux solutions.


Centralize policy files:

Move all ‘sudoers’ to a single manageable location.

Group, Individual or Hybrid:

Group hosts with common ‘sudoers’ file; one to one mapping of ‘sudoers’ files, or hybrid configuration.

Full Change Management:

Approve changes, version control and roll-back of centralized ‘suoders’ files.


Centralized Eventlog:

All commands elevated using ‘sudo’ will be recorded in the centralized powerbroker eventlog.

Centralized Session Logs:

Securely transmit and store keystroke logs to a dedicated and centralized server.