for Unix & Linux

Achieve control over root account privileges with centralized analytics, reporting, and keystroke logging. Reduce risk and address compliance concerns more comprehensively than with sudo.

Proven Privilege and Session Management for Unix & Linux Servers

PowerBroker for Unix & Linux allows system administrators to delegate Unix and Linux privileges and authorization without disclosing passwords for root or other accounts. The solution can also record all privileged sessions for audits, including keystroke information. Use PowerBroker to meet the privileged access control requirements of government and industry mandates including SOX, HIPAA, PCI DSS, GLBA, PCI, FDCC and FISMA.

  • Enable users to perform specified administrative tasks without disclosing passwords
  • Integrate all policies, roles and log data via a web-based console
  • Automate workflows for policies and audit-ready logging
  • Broker permissions transparently, ensuring user productivity and compliance
  • Record and index all sessions for quick discovery during audits
  • Leverage across more than 30 different Unix and Linux platforms

Need help easing the pain of managing sudo? Check out PowerBroker for Sudo, which provides centralized policy, logging and version control with change management for multiple sudoers files.

Achieve System-Level Control and Accountability

Achieve System-Level Control and Accountability

Enhance security through fine-grained, role-based policy control of privileged accounts. Conduct asset and privilege discovery. Prevent unapproved privileged account activity. Granularly delegate root admin privileges. Achieve policy driven command elevation and auditing – down to the system level – with no change to the user experience.

Migration Path from Sudo

Migration Path from Sudo

With support for more than 30 Unix and Linux platforms, PowerBroker is one of the most comprehensive solutions to enable users to run commands at a higher privilege level. This breadth, in addition to industry-standard encryption, provides the confidence to replace existing open-source options such as sudo with a commercially supported solution.

Comply with Ease

Comply with Ease

Compartmentalize IT tasks that require privileged accounts, enabling segregation of duties. Gain visibility through detailed, centralized event logs of elevated commands and keystroke logging capabilities, featuring DVR-style recording of all activity performed by the user. Enable change management of all settings and policy configurations, including rollback.

Gain Greater Insights to Reduce Risk

Gain Greater Insights to Reduce Risk

Free for all PowerBroker for Unix & Linux customers, the fully-integrated BeyondInsight IT Risk Management platform provides advanced features including dynamic asset discovery and targeting, flexible alerting and reporting, advanced analytics, and centralized I/O index and search capabilities.


System-level control and audit: Provides control over applications down to the system level, regardless of how the application is initiated.

Segregation of duties: Centralized control allows for true separation of duties, limiting users, administrators and auditors access to only the data relevant to them.

Flexible authentication and authorization: Pluggable Authentication Module (PAM) support enables PowerBroker for Unix & Linux to utilize industry-standard authentication systems.

Track and record activity: Time-stamped logs for every administrative, user-level, and application activity ensures that no suspicious activity goes unnoticed. DVR-style recording and indexing ensures all activity is available for quick discovery and playback.


Granular delegation of privileged accounts: Partitions privileged accounts such as root, granting users and admins access to only the specific entitlements required to perform a given task, achieving a least-privilege model.

Centralized administration and auditing: Greatly reduces the administration and overhead normally associated with policies and audit tasks.

Flexible policy language: Determines who can do what, where, when, and why providing granular options to the administrator.

Extensive platform support: Supports over 175 Unix and Linux platforms (full list).

User management: Granularly controls user access to programs, files, and directories as well as brokering system tasks, without sudo.


Secure logging: Centralized log data facilitates controlled access to session activity information.

Encrypted: Supports 30 encryption methods for policies, logs, and network traffic, assuring compatibility within virtually any IT infrastructure. Ensures all user and admin activity are encrypted to selectable, industry-standard algorithms and stored in a secure, centralized location.

Use Cases

Reducing Insider Risks with PowerBroker for Unix & Linux Servers

Related Resources: Get the most out of PowerBroker for Unix & Linux