PowerBroker Password Safe version 6.4 improves on key features and capabilities in session management, adaptive workflow, and password management with unmatched levels of security, scalability and control.
New Features PowerBroker Password Safe 6.4
Streamlined Single InterfaceBeyondTrust PowerBroker Password Safe now has a single interface for users, administrators, and auditors alike. Improved contextual navigation allows admins to quickly jump from configuration to managing account properties to releasing sessions, in an instant. The Password Safe user portal and menu have additionally been localized into Spanish, Japanese, Korean, and Brazilian Portuguese. This new, intuitive interface makes it even easier for users to speedily navigate through the application. A new slide out navigation bar on the left allows common activities to be quickly selected, and Smart Links at the top of the screen provide quick access to related tasks.
Account Management Improvements
Execute tasks en masse using multi-select optionTo help IT administrators streamline operational functions, PowerBroker Password Safe version 6.4 lets administrators filter and select managed accounts to perform tasks like: Managed Account Deletion Remove accounts in bulk Bulk Password Change Instantly schedule mass password changes in the event of emergencies Bulk Unlinking Remove all linked systems from a managed Active Directory Account
Session Management Improvements
Protect Privileged Session Privacy with Auto Disconnect and LogoffOften it is necessary to log a user out of a running session when the session time expires. PowerBroker Password Safe Version 6.4 adds auto log-off capability, selectable via Access Policy. Additionally, for cases where users may be accidentally disconnected from the session proxy and potentially sensitive information may be exposed in the RDP session to the next user, a new ‘Log-off on disconnect’ option is now available in the access policy. To help Admins know when their sessions will be logged out, a new countdown timer overlay displays in the top left corner of a running RDP session, and on the window title bar of an active SSH session.
Other Session Management ImprovementsGeneral
- Proxy error message improvements
- Keystroke logging / Enhanced Session Auditing may be disabled via access policy
- The session token timeout may be configured in global settings
- Font Smoothing is now enabled by default
- Support for full 2FA is provided for DirectConnect
- Improved polling for instant status update
- All text pasted into RDP sessions is now audited and indexed
Maintain Productivity with Remote Proxy SelectionOften, in large distributed installations, network latency can slow down performance of either a remote web portal, or remote proxy. PowerBroker Password Safe 6.4 allows organizations to enjoy the best of both worlds, and have users choose a portal that is performant, and then identify a Session Management Proxy that provides the fastest connection to any given managed resource. Password Safe Worker Nodes may be configured independently for easy identification, and default assignment to specific sets of managed resources.
Additional ImprovementsActive Directory
- Capture and store UPN and SAM account name on Functional Accounts
- Unix/Linux Systems - Account Name format
- New PostgreSQL connector
- Cloud Accounts - concurrent request support
- Max password rotation up to 999 days
- Max concurrent requests supported for Database platforms
- Improved Auditing - Access Policies
- Managed Credentials for AD Groups and Directory Queries
- Services - Dependencies Supported Smart Rule Assignment tab for Managed Accounts
- Managed Account Smart Rule identification tab
API ChangesNew APIs
- Updates an existing Asset by ID.
- Get and delete a Smart Rule by title
- Locks an active session.
- Password Safe 'Applications' endpoint
- Password Safe Application-based request and session support
- Password Safe 'LinkedAccounts' endpoint
- Password Safe 'QuickRules' endpoint
- Supporting Password Safe 'ManagedAccounts' APIs for Smart Rules and Quick Rules
- Password Safe Remote Session Proxy support
- POST Auth/SignAppin and all subsequent requests have improved performance.
- POST Requests - Allow concurrent requests for database platforms.
- POST Assets - Now accepts OperatingSystem.
- All Asset API response bodies now return CreateDate.
- Users with 'Password Safe Account Management' permission and/or the ISA role are now authorized to call these APIs.
- 'Enable for API access' property is no longer required to be set on the Managed Account.
Read the complete Documentation!