Privilege User Management
Secure access to UNIX, Linux and Windows systems
Do you have visibility into everything that privileged users are doing on your systems across your environment? Would you know if an unauthorized user gained access to sensitive information? The frequency and seriousness these breaches are increasing and compliance requirements for regulated information are forcing businesses to monitor of privileged user access. Can you do so today?
NetIQ Privileged User Manager allows IT administrators to work on systems without exposing administrator or supervisor passwords, as well as root-account credentials to the administrator. It specifically targets managing, controlling and recording of all privileged administrator activities for UNIX, Linux and Windows environments.
Secure, cross-platform privileged user management. Control and record "which privileged users have access to what"
NetIQ Privileged User Manager delivers privileged user control, tracking and auditing for UNIX, Linux and Windows platforms—giving you a single product to secure your entire server infrastructure.
With Privileged User Manager, you centrally define rules for allowing or denying user activity based on a combination of user name, typed command, host name and time (who, what, where and when).
By managing UNIX, Linux and Windows privileges in this way, you can control what commands users are authorized to run, at what time and from what location. And since all user activity is recorded, you can quickly identify suspicious activity and take immediate action when it occurs.
Simplified policy management with web-based console
NetIQ Privileged User Manager allows you to centrally manage security policies from a single point. The intuitive drag-and-drop visual interface makes it easy for administrators to create rules, instead of relying on complex, time-consuming manual scripting.
Once rules are created, they are enforced across all managed UNIX, Linux and Windows systems. When rules are updated or changed, that change is immediately applicable across the entire set of hosts in the enterprise. Unlike other Super User Privilege Management products that require systems to be updated individually, Privileged User Manager frees administrators to focus on protecting the infrastructure, not on installing rule updates.
Furthermore, an integrated test-suite tool allows administrators to model and test new rule combinations before committing them to production use. Rules can simply be dragged into nested hierarchies to build sophisticated control structures which provide more granular control for even the most demanding environment.
Powerful risk-analysis tools record and play back user activity—down to the keystroke level
NetIQ Privileged User Manager enables auditors to proactively identify risks before they negatively impact the business. Using a unique risk-analysis engine, Privileged User Manager analyzes each command as it is typed and assigns it a risk level from 0 to 9 based on the command executed, the user who executed it and the location. High-risk commands are color coded as red and low-risk commands are color coded as green, with varying shades in between for instant identification of events that could pose a security risk.
For example, administrators can set rules that flag certain commands as higher risk because of the potential threat they pose to the organization. Privileged User Manager recognizes these high-risk commands and color codes their associated keystrokes.
Auditors can view any recorded keystroke activity through an intuitive interface with play back functions. If an event requires further analysis, a workflow process escalates the event to the appropriate managers—either by sending an email notification or flagging the event in the compliance auditor console—who can take immediate action.
The unique risk-profiling capability of Privileged User Manager enables fast and easy identification of any collected user input that poses a higher level of risk, allowing you to mitigate potential damage caused by malicious activity or accidental misuse.
Prove compliance with permanent audit records 24x7x365, not just around compliance audits
The auditing and reporting capabilities in NetIQ Privileged User Manager help organizations prove compliance on an ongoing basis, not just around compliance audits.
Each event is pulled into a powerful audit reporting and management tool—the Compliance Auditor—that gives auditors enterprise-wide visibility, allowing them to prioritize responses to any anomalous activity.
As soon as an event is opened, auditors can view any recorded keystroke activity and apply a status of "authorized" or "unauthorized" to each event, with each change being automatically added to the permanent audit record. If the event requires further analysis, a workflow process escalates the event to the appropriate manager who can take immediate action.
Privileged User Manager further simplifies the auditing process by:
- Sending internal auditors automated e-mails showing a breakdown of events that require auditing
- Detailing how long event records have aged before sign off
- Sending automated e-mail alerts to senior security personnel when event records remain unaudited
- Allowing auditors to record detailed notes against each event to form a permanent record of compliance
- Filtering data to display only high-risk events that occurred within a specified time period