Monitoring and accountability of privileged users

Among many targeted attacks, privileged accounts become the target most often. This results from the high privileges assigned to them, and as a consequence a successful attack of their use. Attacks are carried out from outside (eg theft of credentials) and from inside by so-called insiders. In response to such threats a product class of the Privileged Access Management type has been created.

In our offer you will find the following products from this group:

PRIVILEGED SESSION MANAGEMENT is a system used for authentication, access control as well as monitoring, recording and auditing of administrative sessions, e.g. access to servers or network devices. Registration of administrative sessions introduces full accountability of employees and contractors, and allows the company to meet auditing requirements. In the case of detecting illegal activities, the sessions secured by the system constitute undeniable evidence.
The development of the PRIVILEGED SESSION MANAGEMENT system is the PRIVILEGED ACCOUNT ANALYTICS solution that allows users to study user behavior in real time. It uses the session information collected by PSM for this. Analyzes the behavior of the user in terms of deviation from the standard behavior of a given user, including working hours, IP addresses, types of connections or entered commands. In addition, the system uses biometric analysis, which consists in examining how the user enters the text on the keyboard and how to use the mouse. On this basis, it is able to determine if a given user is the right person. 
REDSUITE from Lieberman Software Corporation is used to detect, track, update and manage passwords for privileged accounts. The REDSUITE solution detects all places where privileged accounts are used. It then secures the detected credentials and introduces procedures for changing them. REDSUITE creates unique, cryptographically complex passwords for all privileged accounts, and then automatically enforces their changes in accordance with the security policy. This allows reducing the risk of unauthorized access by separating passwords from users. The system stores the credentials in the database, which is encrypted using the AES algorithm, also allows the use of the FIPS 140-2 module, additionally uses PKCS # 11 hardware encryption.

The advantages of PAM solutions:

  • the ability to monitor sessions (SSH, http, HTTPS, Telent, RDP, VNC, Citrix)
  • the ability to authorize and terminate the session by the person responsible for the system
  • protection of audit trails
  • full accountability and control of contractors’ work
  • managing access to systems (users do not know system passwords)
  • password rotation (change of passwords in time according to the schedule)
  • real-time analysis
  • access control
  • recording of administrative sessions
  • log collector (gathering information to solve problems faster)
  • limiting the number of false alarms related to unauthorized access
  • possibility of integration with other systems (SIEM, Log Management Multi-Factor Authentication, User Directories, IT Service Management).

Do you want to get the right technology for your company?

Are you interested?

Contact us.

Sales

tel.: (22) 328 47 30

Partnership

tel.: (22) 548 47 94

Service and technical support

tel.: (22) 328 48 00
tel.: (22) 328 47 40

Wrocław
tel. +48 695 336 333

Gdańsk
tel. +48 601 951 231

Name and surname (required)

Email address (required)

Message content

I hereby consent to the processing of my personal data for purposes related to contact by MCX Pro Sp. z o. o., based in Warsaw at ul. Gotarda 9.
According to art. 13 (1) and (2) MCX Pro informs that providing personal data is voluntary and:
a) personal data will be processed only to the extent and for the purpose in question in the first sentence of this consent,
b) You have the right to access the content of the data, as well as the right to correct it,
c) You have the right to submit a written, motivated request to cease the processing of personal data due to the special situation,
d) you have the right to object to the processing of your personal data,
e) personal data will be processed under conditions that ensure their protection in accordance with applicable law.
Within the scope defined in point a) -e) above the statement, request or question should be submitted in electronic form to the address rodopro@mcx.pl or in writing to the address MCX Pro, ul. Gotarda 9.02-683 Warsaw.