PowerBroker for Unix & Linux
Server Privilege Management and Session Management
Protect privileged accounts, prevent and contain breaches, and achieve compliance on Unix & Linux systems. PowerBroker enables you to eliminate credential sharing, limit root access, and ensure accountability – without hurting productivity.
Comprehensive Unix & Linux Privilege and Session Management to Protect Your Most Critical Systems
It’s no secret that Unix and Linux systems present high-value targets for external attackers and malicious insiders alike. You can expect to be breached if you share credentials, provide unfettered root access, or let files and sessions go unmonitored. Gaining root or other privileged credentials makes it easy for attackers to fly under the radar and access sensitive systems and data. And the risk only increases as attack surfaces expand, perimeters vanish, attackers get smarter, and compliance pressures mount.
PowerBroker for Unix & Linux is an enterprise-class, gold-standard privilege management solution that helps security and IT organizations achieve compliance, control privileged access, and prevent and contain breaches that can effect Unix and Linux systems.
- Monitor and audit sessions for unauthorized access, changes to files and directories, and compliance
- Reduce attack surfaces by eliminating credential sharing, enforcing least privilege, and elevating commands without requiring users to have root access
- Analyze behavior to detect suspicious user, account and asset activity
- Centralize management, policy and reporting
With over 30 years of experience in server privilege management, BeyondTrust knows what it takes to protect your critical, tier-1 systems, and help you reduce risk and achieve compliance.
When deployed as part of the PowerBroker Server Privilege Management solution, PowerBroker for Unix & Linux enables you to disrupt all stages of the cyber attack chain. The solution combines best-in-class privilege, password and vulnerability management on top of a centralized reporting and analytics platform. As a result, you can efficiently reduce your organization’s attack surface, prevent lateral movement by attackers, and actively detect and respond to in-progress breaches.
Auditing & Governance
Analyzes user behavior by collecting, securely storing and indexing keystroke logs, session recordings and other privileged events.
Fine-Grained Least Privilege
Elevate privileges for standard users on Unix and Linux through fine-grained, policy-based controls.
Dynamic Access Policy
Utilize factors such as time, day, location and application/asset vulnerability status to make privilege elevation decisions.
Remote System & Application Control
Enable users to run specific commands and conduct sessions remotely based on rules without logging on as admin or root.
File & Policy Integrity Monitoring
Audit and report on changes to critical policy, system, application and data files.
Privileged Threat Analytics
Correlate user behavior against asset vulnerability data and security intelligence from best-of-breed security solutions.
ENSURE COMPLIANCE
Speed forensics and simplify compliance by providing an unimpeachable audit trail of all user activity
Enable compliance through the compartmentalization of IT tasks that require privileged accounts
Reduce risk by ensuring that critical files and policies have not been tampered with
SECURE CRITICAL SYSTEMS AND FILES
Limit attack surfaces by providing just enough access to complete a task, and preventing the use of the root account
Keep systems safe by only allowing approved applications and commands to be executed
Reduce attack surfaces by helping IT make privilege decisions based on context and risk
Protect critical files from malware and privilege misuse
Eliminate workarounds or gaps that could lead to exploits
Reduce the risk that user activity can lead to a potentially damaging data breach
IMPROVE EFFICIENCY
Enhance user productivity by simplifying processes that are complex with native tools or sudo
Simplify management, and speed deployments and upgrades
Reducing Insider Risks with PowerBroker for Unix & Linux Servers
1 Remove the Need to Login as Root
PowerBroker for Unix & Linux implements a true least privilege delegation model, allowing users to run any command at a higher privilege level so long as allowed by the centralized policy. Removing the need for users to logon as root allows the root user account to have much tighter security controls or be moved to a password management system such as PowerBroker Password Safe.
2 Achieve Compliance for Root
PowerBroker for Unix & Linux allows standard named user accounts to elevate to a root level with full session logging, providing a centralized indelible audit trail and ultimate accountability for each individual system administrator.
3 Make Up for sudo's Shortfalls
PowerBroker for Sudo provides a way to quickly and simply centralize one or more sudoers files. Connecting hosts can be optionally grouped or run in a hybrid of one to one plus grouped hosts, allowing simple and controlled access to specific sudoers files located on one or more centralized servers based on the requesting hosts group membership.
4 Seamlessly Integrate with Password Management
PowerBroker for Unix & Linux integrates seamlessly with PowerBroker Password Safe. This allows you to control both what users can access and what they can do once they have access.
