Wheel Fudo PAM
Enforcement of the GDPR begins on May 25th, 2018. Learn how Wheel Fudo can protect your company from the possible penalties.
Did you know that:
55% of security breaches are related to a misuse of privileged accounts, as much as 60% of incidents result from an administrator’s mistake (Source: Verizon “2015 Data Breach Investigation report”). Privileged accounts enable unrestricted access to essential IT resources: main servers, networking equipment or users’ workstations. Lack of control over privileged users is a direct threat to the integrity and security of your data. Moreover taking over access to privileged accounts by an outsider, can lead to data leaks or a company being compromised.
This is why it is important to implement proven solutions, which constantly manage the entire privileged architecture, including users, accounts and remote access sessions.
Secret Manager – a tool to manage passwords on the privileged accounts.
Privileged Session Monitoring – privileged session management and monitoring.
Efficiency Analyzer – a comprehensive productivity analysis tool.
Application to Application Password Manager – in cooperation with Secret Manager which serves passwords applications.
Main Wheel Fudo PAM (Privileged Access Management system) features:
- Managing privileged accounts' password policies. Secret Manager is a complete solution for managing passwords, which are stored securely and not disclosed to users. Its advantage is the ability to define a password's validity and complexity. Secret Manager stores a password's history to regain access to managed accounts in emergency situations. The security of stored passwords is ensured by the password verification mechanism, which checks whether or not the password has been changed in an unauthorized way.
User portal ensures intuitive access to target hosts through a centralized list of accessible resources. Thanks to this, users no longer have to memorize numerous hostnames,
- Detailed recording and analysis make Wheel Fudo PAM a perfect tool for quick forensic analysis.
- Live session streaming. Live sessions can be streamed seamlessly, without any delays or loss in quality.
- Session joining – the ability for the super administrator to work with the remote user in the same session.
- Quick session sharing allows for sharing recorded session material and live session stream with third parties.
- Proactive monitoring and sessions termination. Enables a security policy, which will automatically terminate suspicious connections.
Managing and transferring passwords to
applicationwithout human interaction using the AAPM module. A password which is stored inside an application and used for authentication purposes,can enable facilitating an attack on the system that the application connects to. The AAPM module greatly increases the level of security.
- Business intelligence tools (Efficiency Analyzer module) measure users and organizations productivity, providing detailed information on their activity and idle times.
- Modern and intuitive administration interface greatly reduces initial system configuration and daily maintenance efforts.
Secret Manager – password management
- active management of privileged accounts passwords
- password changers for MS Windows and Unix systems; MySQL databases and Cisco devices
- custom password changers support
- customizable passwords complexity
- command line protocols: SSH, Telnet, Telnet 3270
- graphic protocols: RDP, VNC, X11
- database protocols: Oracle, MySQL, TDS implementation for MS SQL
- web protocols: HTTP, HTTPS
- production infrastructure protocols: Modbus
- ongoing sessions supervision in a web browser
- one click launches an internal player without the need to install additional software
- command line session material is fully interactive which enables copying content to the clipboard
Quick session blocking
- in case of any unauthorized activities, Wheel Fudo PAM enables pausing or the termination of a session along with revoking access rights
- co-sharing session enables the system administrator to join a given connection and work along the remote user
Uniform and independent environment
- Wheel Fudo PAM does not require the installation of additional software or agents, which enables rapid deployment and integration with existing IT infrastructures
- recorded material is encrypted and can also be timestamped
Easy to use administration interface
- an intuitive and ergonomic administration panel ensures convenient and effective management
- Wheel Fudo PAM enables sharing a session with third parties in the form of a URL link
Detailed session information
- Wheel Fudo PAM stores all of a session's data and metadata, which includes transferred files, keystrokes and cursor movement. The session player allows for skipping inactivity intervals, fast-forwarding as well as seeking to a specific time within the recorded content. Additionally, RDP and VNC sessions can be OCR processed. Recorded sessions can be exported to video format. Sessions can be commented and tagged while full-text search and advanced filtering options enable finding desired content quickly
Live session supervision and proactive monitoring
- Wheel Fudo PAM enables live session supervision by designated personnel as well as automated actions upon detecting unauthorized user actions specified as patterns
Directory services support
- Wheel Fudo PAM supports LDAP and Active Directory services which allows a user's definitions to be imported as well as verifying the user's login credentials
- Wheel Fudo PAM authenticates users using the following mechanisms: locally stored passwords, Cerb, Radius, and SSH keys
Runtime login and password substitution
Wheel Fudo PAM can, after successful authentication, substitute credentials provided by the user with credentials configured in Wheel Fudo PAM or fetched from a third party Password Vault solution. With the substitution feature in use, the actual login credentials to target hosts do not have to be disclosed to end-users
- Wheel Fudo PAM supports a multi-master cluster configuration ensuring high availability and performance scaling
- monitoring anonymous connections, i.e. without authenticating users by Wheel Fudo PAM
- stored session data is encrypted with AES-XTS 256
cryptographic data integrity verification
- the user's productivity is represented in the form of comprehensible charts enabling work efficiency analysis
App to App Password Manager
- automated passwords retrieval from the vault
- secure password transfer to the application
- alternative access to FUDO’s data structures
- enables integration with third-party solutions (e.g. ticketing systems)
- centralized list of monitored resources
- convenient access to target hosts – a single click opens a corresponding client application with connection parameters already filled in
- increased security of critical systems – privileged accounts login information is not disclosed to the end user