BeyondTrust Privileged Remote Access lets you control access to critical systems without hindering the work privileged users need to perform. You can define how users connect, monitor sessions in real time, and record every session for a detailed audit trail, and end users get a simple, easy to use console.
Enforce a policy of least privilege by giving users just the right level of access needed for their roles with individual accountability for shared accounts. Define what endpoints users can access, schedule when they can access them, and whitelist / blacklist applications for a comprehensive approach to privileged access. Control and monitor sessions via a secure agent or using standard protocols for RDP, VNC, Web, and SSH connections.
Set authorization and notification preferences to be alerted when a user is accessing Privileged Remote Access. Administrators can use their mobile devices to approve requests and monitor access usage from anywhere.
Drive rapid adoption with a security solution that lets users do their jobs faster and easier than they do today and can be deployed in just a few days. By automating processes with features like credential injection and integrations with SIEM and change management solutions, your technicians can increase productivity and security at the same time.
Transfer files within the session, using the thick client or browser based console.
Administrators and IT teams can consolidate the tracking, approval, and auditing of privileged accounts in one place.
Require all connections to be brokered through a single access pathway, reducing the attack surface while providing a single list of authorized endpoints available for each user.
End user experience will also improve as all endpoints are accessed in single interface.
Effectively manage privileged access to business assets that leverage web-based management consoles, including IaaS servers, hypervisor environments, and web-based configuration interfaces for core network infrastructure.
Advanced Web Access can be configured to work across any solution that leverages a web interface for management, including Amazon Web Services, Google Cloud, VMware vSphere, Citrix XenServer, Microsoft Hyper-V, Microsoft Azure, IBM Softlayer, and Rackspace.
Use mobile apps or a web-based console for privileged access anytime, anywhere. In addition to desktop consoles for Windows, Mac, and Linux, BeyondTrust Privileged Remote Access includes mobile apps and a browser console.
Native mobile apps give users secure access over cellular / WiFi networks from Android or iOS devices, only to allowed endpoints.
The BeyondTrust Privileged Remote Access web console enables privileged access from the browser without installing software locally.
Satisfy internal and external compliance requirements with comprehensive audit trails, session forensics and other reporting features. Capture detailed session data for real time or post session review.
Administrators can review and monitor the use of privileged accounts, and easily provide attestation reports to prove compliance.
Privileged Remote Access eliminates the need for privileged users to remember or share credentials for the systems they need to access. Passwords can be stored in the on-appliance vault. Or you can integrate PRA with BeyondTrust Password Safe or another Password Management Solution.
This password component enables our credential injection capabilities. Instead of requiring privileged users to know usernames and passwords for each endpoint, we can store those credentials securely. And then, using API functionality, we can retrieve those credentials and inject them directly into a session.
This means you don’t need to expose credentials, giving you more control and flexibility around those accounts.
IT teams want to get tools into vendors and employee’s hands quickly, but onboarding new third parties, vendors, or suppliers can be a time-consuming and repetitive process – one that’s ripe for automation. However, one of the most important parts of managing third-party risk is having good onboarding processes when giving these entities access. With Vendor Onboarding, users can securely eliminate manual overhead of managing vendor teams and users by delegating portions of the vendor user administration to trusted sub-admins/vendor admins. Helping eliminate shared accounts while providing an easier path to adding new vendor users as they onboard vs. the existing methodology and manual efforts.
Administrators can delegate the management of vendor and internal users to a trusted vendor administrator, or another internal user. Administrators can create a new Group Policy type in order to better onboard and manage vendor or other users. Once the PRA Admin defines the policy settings for the new Group Policy and assigns a Vendor Admin to that policy, the Vendor Admin can manage the onboarding and offboarding of managed users for the specified policy. Additionally, Notification and Approval workflows are available for the User onboarding process. This functionality is designed to decrease the manual administration requirements of Vendor management, as well as provide a quicker path to Access for new users.