BeyondTrust - Secure Remote Access and Privileged Access Management
Announcement:
Be among the first to secure AI coworkers before they act. Request early access to AI Agent Security.

Accelerated Time to Value

Achieve agile privileged password management that proactively manages privileged accounts, credentials, secrets, and sessions for people and machines, ensuring complete control and security, while also enabling zero trust to improve your security posture.

BeyondTrust Professional Services Password Safe packages offer scalable services engagements, with a drive toward providing customer self-sufficiency at all points along the engagement. The outcomes you receive are rooted in our best practices and are delivered in several Tiers, each representing increasingly comprehensive solutions.

Inquiry selection for Password Safe On-Premises Implementation Services

Customer Outcomes

  • Tier 1 Outcomes

Delivers essential Password Management & Session Management functionality for the assets in your environment. Reduces time to value as you quickly gain control of your credential and secrets usage. You gain visibility of credential and secrets usage through the Analytics & Reporting engine while satisfying your audit and compliance needs.

  • Tier 2 Outcomes

Delivers expert guidance when integrating installed enterprise systems such as SIEM tools or ITSM Ticketing systems. Implementation leverages structured approaches to developing and deploying advanced use cases for a variety of different asset types.

  • Tier 3 Outcomes

Delivers workshops to accelerate your enterprise-wide roll out using API frameworks and integrating with your Remote Desktop Services environments, for example. Provides working sessions to create customized oversight solutions and build on your self-sufficiency by developing a knowledge base.

Professional Services Criteria

Tier 1

Tier 2

Tier 3

Infrastructure and High Availability

Appliances

Up to 2

Up to 4

Up to 9

Active/Passive

Yes

Yes

Yes

Active/Active[1]

Yes

Yes

Yes

Analytics & Reporting[1]

Yes

Yes

Yes

Privileged Account Management

Asset Import from Active Directory or Address Group with Discovery Scan

2500

5000

7500

Automated rotation of passwords, Session Management and Password Retrieval (per Use Case)

5

10

15

Remote Application Session Management per Application [1]

5

Define Access Policy and Password Complexity aligned with organizational standards

Yes

Yes

Yes

Features Configured

Desired number of completed Password Safe Use cases, from Common Use Case list below

5

10

15

Number of User Groups with Password Safe Roles assigned to Smart Groups

5

10

15

AD Integration count for User Security Group, Computer and Account Discovery, or LDAP integration per Domain

1

2

5

Authentication Integration (SAML, RADIUS or TOTP) integration for Password Safe (1 Provider)

Yes

Yes

Yes

Enterprise Integrations[2] (Ticketing Systems)

Yes

Yes

Syslog/SIEM connector from available built-in connectors

Yes

Yes

Create custom platform connector(s) for SSH Sessions

1

3

Configure Secret Safe

Yes

Yes

Yes

Configure Workforce Passwords

Yes

Yes

Secrets Cache installation, configuration, and example API PowerShell script to pull from Cache

Yes

Yes

Review Built-in Reports

Yes

Yes

Yes

Knowledge Transfer

Provide knowledge transfer for daily maintenance of the system

Yes

Yes

Yes

Implementation Closure Report

Yes

Yes

Yes

  1. 1.Requires specific prerequisites in place prior to being able to implement this task
  2. 2.Some connectors may require additional licensing

FAQ

A custom engagement can be scoped to cover Architect Workshops, for an additional fee.

The numbers above represent the maximum number within each deliverable category. If requirements or critiera fall outside of the typical deliverables noted, a custom scoped engagement is also available.

Common Use Cases

Based on each Tier, certain Password Safe use cases are available to be configured, as listed below:

Use Case Info

Tier 1

Tier 2

Tier 3

Use Case 1 - Rotate password and proxy RDP session - Local Windows Administrator to domain joined Windows Server

Yes

Yes

Yes

Use Case 2 - Rotate password and proxy SSH session - Local root/privileged account to Linux/ Unix server

Yes

Yes

Yes

Use Case 3 - Rotate password and proxy SSH session - Local Administrator to Network device

Yes

Yes

Yes

Use Case 4 - Rotate password and proxy RDP session - Active Directory Windows Administrator to Windows Server

Yes

Yes

Yes

Use Case 5 - Rotate password and proxy SSH session - Active Directory Administrator to Linux/ Unix server - requires established Active Directory bridge

Yes

Yes

Yes

Use Case 6 - Rotate password and proxy SSH session - Active Directory Administrator to Network device - requires established Active Directory bridge

Yes

Yes

Yes

Use Case 7 - Rotate and RDP - Dedicated Active Directory Administrator to Windows Server - ensure only the individual can see their administrator account - requires naming convention to match with suffix or prefix

Yes

Yes

Yes

Use Case 8 - Rotate and Retrieve Password - Local Database Administrator on Database

Yes

Yes

Yes

Use Case 9 - Rotate SSH Key and proxy SSH session - Local Administrator with Password and/or SSH Key to Linux/Unix server

Yes

Yes

Yes

Use Case 10 - Rotate SSH Key and proxy SSH session - Local Administrator with Password and/or SSH Key to Network device

Yes

Yes

Yes

Use Case 11 - Local Windows Administrator to non-domain joined Windows Servers using local functional account (ie DMZ)

Yes

Yes

Yes

Use Case 12 - Rotate password on Windows Services or Scheduled Tasks - Propagation Actions - Windows Services Log on as, Scheduled Tasks run as, and Application Pools run as

Yes

Yes

Use Case 13 - Retrieve Password - Administrator on Cloud platform

Yes

Use Case 14 - Application Session - Managed local or Active Directory Administrator account - requires established script and Remote App configured on RDS

Yes

Use Case 15 - Local Windows Administrator to Windows desktop or server via EPM Client with off network management integrations

Yes

Additional Information