Versions Compared

Old Version 3

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Privileged Session Manager (PSM) is an application cluster that allows you to access, record, and monitor privileged sessions. With PSM, users can be issued privileged access to computers while meeting audit requirements. It enables granting access to users for a specific amount of time, capability to monitor live and terminate session at any point and replaying sessions. It also includes time constrained access to credentials and automatic termination of sessions after time limit expiry.

Benefits

Manage and Record Privileged User Sessions

...

EmpowerID discovers computers and virtual machines wherever they may reside. The most popular platforms for running virtual workloads are supported including: Amazon AWS, Azure, and VMware VCenter. EmpowerID also discovers computer objects from your Active Directory or they can be registered manually in friendly web-based workflows. Computer discovery allows admins to maintain an up to date inventory of the assets they are managing as well as simplifies the process for configuring servers for PSM access.

Features 

  • Access — Privileged Session Manager permits users to view only resources for which they are granted access. They request access and initiate connection through the EmpowerID website.
    Privileged Session Manager proxies all sessions to target resources through the PSM servers thus enabling extensive control over the transmitted communication.

  • Live Monitoring, Recording and replay — Administrators can view sessions live (Provided policy allows for it), record sessions and replay them for review all from the EmpowerID website.

  • Credential Sharing — Computer credentials are encrypted and on request used to initiate privileged sessions with target resource by automatic login. The credentials are not exposed to users to enhance security. 

  • Auto-login — Privileged Session Manager can be combined with Privileged Access Manager, enabling you to configure access for automatic login, which enhances security and compliance by not exposing account credentials to users. 

Architecture

The PSM cluster consists of 3 dockerized Node.js applications each with their own responsibilities. 

  1. Application

  2. Daemon

  3. Uploader

    Image Removed


    Image Added


Session Flow

Below is the UML diagram that outlines a session from initiation to viewing recorded session at the end. A description of the flow follows the image.

...

Insert excerpt
IL:External Stylesheet - v1
IL:External Stylesheet - v1
nopaneltrue