eyondTrust , a leading

privilege misuse and stopping unauthorised access , has announced a first-of-its kind privilege management solution for network , IoT , ICS and SCADA devices .

PowerBroker for Networks rounds out BeyondTrust ’ s privilege management support , which includes privilege management for Windows , Mac , Unix and Linux endpoints , servers , applications and now any device managed via SSH or Telnet .

With PowerBroker for Networks , BeyondTrust customers can realise the benefits of end-to-end least privilege , faster and with less complexity across nearly all environments , including critical network devices .

PowerBroker for Networks is an agentless solution that controls what commands users can run , records sessions , alerts and provides a complete audit trail of user activity on network devices via the command line . Delivered with a modular design that is highly scalable , PowerBroker for Networks ’ architecture easily scales to hundreds of thousands of nodes without overburdening the network or administrators with overhead .

With PowerBroker for Networks , organisations can manage large , distributed and heterogeneous infrastructures while delivering optimal performance and without limiting activity . PowerBroker for Networks fully integrates with the central PowerBroker console , enabling customers to benefit from a single policy , management and reporting interface .

Brad Hibbert , COO , BeyondTrust

“ Network devices – such as routers , switches , firewalls , IoT , ICS and other SCADA devices – are critical for organisations to function , yet present open doors for external attackers and malicious insiders if not properly monitored ,” said Brad Hibbert , COO , BeyondTrust . “ To improve security on these devices , organisations must have control and visibility over privileged user activity . Since most network devices do not allow for the installation of agents , or are manufacturer-specific , PowerBroker for Networks fills an important gap .”

Because PowerBroker for Networks supports any device that utilises SSH or Telnet to enable management , it can be utilised across a diverse network , and offers the following features :

▯▯

Full Command Control and Session Auditing : Enables full , granular control and audit of all commands and sessions to network devices .

▯▯

Real-time Session Monitoring : Warns , or warns then terminates ,

▯▯

▯▯

▯▯

▯▯

a session when questionable user behaviour is detected . Integrates with SIEM Solutions for Complete Security Intelligence : Generates logs and sends to syslog to be picked up by a SIEM system . Alerts for Faster Cybersecurity Response : Generates alerts to prevent or stop unwanted activity . Automates Single Signon : Integrates with password management solutions such as PowerBroker Password Safe to seamlessly retrieve passwords for automated sign-on through a proxied connection . Centralises Control : Centralises administration , policy and audit data for decentralised devices and administrators .

“ The idea of ‘ identity ’ seems intuitive , but identity can be distorted either by inside actors imitating legitimate credential holders or miscreants escalating credentials ,” said Christopher Kissel , Senior Cybersecurity Analyst , Frost & Sullivan . “ A seemingly credentialed actor can wreak havoc as SecOps teams often cannot discover nefarious behaviour emanating from users with proper credentials . BeyondTrust PowerBroker for Networks is an important and evolutionary step in identity and access management ( IAM ), offering network administrators a single-point of management for important functions , such as command and control session monitoring and auditing , the generation of logs for SIEM and automating single sign-on . Additionally , PowerBroker for Networks moves ‘ identity ’ from a rolebased static event into an observable , fluid event where identity-change can be an Indicator of Compromise or where SecOps can block access even for credentialed actors .” PowerBroker for Networks is available now . u

intelligent SOFTWARE SECURITY

|

www . intelligentciso . com Issue 01

69