Live Chat Software by Kayako |
Indeed PAM 2.7: Empowering Enterprises with Advanced Privileged Access Protection
Posted by anna.vlasenko on 09 December 2022 01:58 PM |
|
Indeed Identity presents a new version of Indeed Privileged Access Manager, Indeed PAM 2.7. The new release features multiple innovations. For example, it can be partially installed on Linux and supports application-to-application password management. We have also added a few more supported functions and protocols and enhanced user and administrator interfaces for optimal user-friendliness. Using Linux-based systems for Indeed PAM control serverVersion 2.7 enables you to install the Indeed PAM control server on a Linux server. The Indeed PAM components, including Core, IdP, User Console, Management Console, and Log Server, can now be deployed in Docker. This means the product can be installed on any Linux OS supported by Docker, including the certified Alt Linux SPT and Astra Linux. SSH Proxy for LinuxIn the new version, you can install SSH Proxy on a Linux server to proxy all SSH sessions. To do so, you will need to deploy a Docker container. Application-to-application password management for using privileged accounts in third-party applications and scriptsThis feature will help you securely store and manage all passwords to service accounts used in scripts and third-party applications. This means you no longer need to keep your passwords in scripts, configuration files, etc. where they can be exposed. Indeed PAM offers an API for retrieving relevant service credentials from a secure repository. All retrievals are recorded in the PAM log, and the actual passwords are rotated periodically using a random password generator. Departmental setup enabled: adding organizational structure in PAM and customizing access policy for PAM administratorsFor companies with a complex structure and multiple branches, assigning different control rights to administrators in charge of specific departments and branches is quite essential. You can address this task in Indeed PAM 2.7 by setting up resource groups. To do so, create a separate resource container for every branch and assign the rights to control this container to a given PAM administrator. Use the privileges in Role Settings to customize the administrative rights. The administrator will be able to view and grant permissions, view sessions, manage accounts and perform other functions, but only on resources added to the corresponding container. Updated PuTTY clientTo address the vulnerabilities of previous versions, we have updated the modified PuTTY client to version 0.76. Using a *.csv file to import resources to the PAM database in MC PAM administrators may often need to upload multiple resources into the system, but it may take too long to upload them manually. The new version lets you use a *.csv file to import resources into the PAM database; a relevant feature is now available in the Admin Console. Exporting a list of permissions to a fileIn the new release, you can download a list of permissions as a *.csv and *.xlsx file. This means that your reports can be generated in third-party systems. Managing two-factor authentication for individual usersThe new version lets you disable 2FA ad hoc to streamline and speed up the work of specific users who do not require strong authentication. Automatic revocation of expired permissionsIndeed Identity products are multipurpose solutions that can also help you automate and optimize your IT systems. In keeping with this mission, the new Indeed PAM version allows you to automatically revoke expired permissions. This will significantly reduce the workload of PAM administrators, and the User Console will now show only active and valid permissions. Improved Pam.Tools.Dump functionality: export without decryption and ad-hoc decryptionWe have upgraded Pam.Tools.Dump, the utility program designed for exporting current passwords from the PAM database. The updated version allows you to schedule encrypted password uploads or decrypt them whenever necessary. A new supported protocol for SSH Proxy – SCPYou can now use SCP protocol to transfer files via SSH Proxy. Whenever a file is transferred, a new entry will be made in the session text log. The system will also save shadow copies of sent files, which can be viewed and downloaded for further analysis. Running scheduled tasks on a specific Core serverIf your deployed product architecture includes several PAM control servers, you can now selectively assign one or more control servers to perform scheduled service operations and tasks. Sending text session logs to a SIEM systemTo enable easy integration with SIEM solutions and ensure timely incident detection and response, you can opt to send all event data to a third-party log server. The event data will be delivered via syslog in CEF and LEEF formats. The new version lets you send not only PAM data logs but also text logs of all user sessions. This means that you can now use SIEM platforms to analyze user activity. You can pre-filter log entries to make sure that only relevant entries will be sent for further analysis. New design for IDP authentication pageIndeed PAM 2.7 features a new user-friendly authentication page design. Sorting licenses in MC by time addedYou can now sort the Indeed PAM licenses in the Admin Console by the time they have been added to the system. Assigning or changing policies for several resources or accounts at a timeThe new version allows you to assign a new policy across several resources or accounts at once. To do so, visit the relevant section. Advanced resource search by user connection type and departmentWe have refined the advanced search functionality in the Resources section of the Admin Console. You can now use it to run searches by department and type of user connection. IP address and DNS displayed in the User ConsoleThe new version features separate columns with IP address and DNS of the target resource. User IP address displayed in new session requestsAll new session requests that must be approved by a PAM administrator now include the IP address of the workstation from which a user is trying to access PAM. New browser supported for connections to web resources – Microsoft EdgeMicrosoft Edge has been added to the list of supported browsers for web resource connections on the access server. With all these improved features, increased user-friendliness and enhanced capabilities, this update is not to be missed. Don’t just take our word for it though, see for yourself how the latest version of Indeed PAM can benefit your organization. Request a demo today and discover how our solution can help you better protect your critical assets, simplify compliance, and improve overall productivity. The post Indeed PAM 2.7: Empowering Enterprises with Advanced Privileged Access Protection appeared first on Indeed Identity blog. | |