When talking about Privileged Access Management, it’s important to focus on the real objective: to ensure that only the right person can access the right system at any given time. A password vault can easily handle that, but you really need more. It’s far more important to ensure that when someone accesses a target, this person does only what they are supposed to do, and nothing more.
Complete control over privileged access requires not only managing who is authorized to access which systems, but also oversight of what they do with that access. In short, you need a Bastion.
The origin of the Bastion
You can ask any Business Analyst, WALLIX is the PAM actor providing unparalleled Session Monitoring, simply because it is in our DNA. WALLIX created the Session Manager first as an internal tool to monitor maintenance. This was so successful that the company refocused on this technology in 2003 and has enhanced it into a powerful solution with vital capabilities. Now, WALLIX has a deep understanding of Session Management and can guarantee full control, monitoring, and auditing of privileged session activity.
But what is Session Management?
Session Management is the process of granting access to a resource and ensuring that the session complies with its purpose. That is to say, that privileged users with login credentials access only thse resources for which they are authorized, and only enter actions and commands they are permitted to enact.
The Session Manager ensures the following services:
- Authentication capabilities, including the one or several of the following mechanisms:
- Login plus Password
- SSH Key or certificates
- Single Sign On
- Strong authentication/Multi-factor authentication
- Integrates with LDAP
- Session authorization
- Automatic authorization (time based, ip based etc.)
- Approbation workflow
- Monitoring, recording and auditing of all session activity
- Real-time monitoring (4-eyes mode)
- Unalterable video recording of activity
- Metadata extraction
- Research identified events in recorded sessions and access the specific record
So, how does Session Management work?
Session Management is a simple process that can be divided into 4 steps.
1/ Step one: A user is authenticated by the Session Manager. The Session Manager confirms the authentication against a Password Vault which stores credentials.
2/ Step two: The user requests access to a target system. This request is analyzed and granted or refused by the Session Manager.
3/ Step three: The Session manager is authenticated by the target system.
4/ Step four: The session is established between the User and the target system.
Additional steps can be enabled to benefit from monitoring and auditing capabilities of sessions
5/ An auditor can monitor a session in real-time (4-Eyes) through the Session Manager
6/ A Session Manager stores session recordings and provides session analysis tools so that suspicious behavior can be easily identified and the appropriate sequence provided to an auditor for review.
Now, let’s consider the real source of threat.
The data is clear: in 2017, 74% of data breach incidents were achieved through privileged user credentials. Without oversight and automatic termination of high-risk activity in sensitive resources, insiders and malicious outsiders can take full advantage of your vulnerabilities.
The facts say it all. You can have the strongest security system, but if you can’t control users’ operations on your systems, you’ll quickly find that your infrastructure is not as secure as you think.
Security is nothing without control…
Interested to learn more about why WALLIX’s Session Management tool is the best in the industry? Or how a robust PAM solution must include best-in-class Access, Password, and Session control? Check out the comparison, here: