Let’s face it. Many cybersecurity and IT departments were not prepared for rapid changes that the pandemic crisis has caused. Security officers all around the world witness the dramatic increase in the number of privileged users which simultaneously widens the area for hackers’ attacks. Corporate budgets are either frozen or reconsidered and you need to find the most cost-effective PAM? Consider Axidian Privilege, a software that controls, protects and audits privileged accounts.
There are two licensing models applicable to Axidian Privilege:
- based on the number of privileged users and resources
- based on the number of simultaneous connections (sessions).
Let’s take a closer look at them.
Option 1. Licensing model based on privileged users and resources
The following licencse types are used in this licensing model:
- User license. The license gives the right to use Axidian Privilege for a stated number of users. Each employee who gets access to the resources with the help of privileged credentials must have PAM user license. The number of user licenses can be increased by purchasing additional licenses. If needed, it is possible to re-allocate user licenses between employees (to recall licenses from some employees and give them to others).
- Resource license. The license gives the right to connect to a stated number of resources – servers, hosts etc. The number of resource licenses must be equal or more than the number of servers, PC and other equipment which privileged access is granted to. User license includes a definite number of resource licenses. If needed, the number of resource licenses can be increased by buying either user or resource licenses.
Example of using the licensing model based on privileged users and resources
In the organization, there are 7 system administrators who maintain the service of network equipment and servers. The number of resources is no more than 100. Also, the organization employes the services of contractors who connect to the same servers. The number of contractors is 3.
Altogether, the following licenses will be required for PAM work:
- 10 user licenses (7 system administrators and 3 contractors)
- 100 resource licenses (servers and network equipment) – the resource licenses are supplied together with user licenses.
If contractors change, then the licenses can be withdrawn from previous owners and allocated to the new ones. It is not required to purchase new licenses.
Option 2. Licensing model based on privileged sessions (simultaneous connections)
The following licensing model uses only one type of licenses:
- Licenses on sessions. Such a license limits the number of sessions (simultaneous connections) which can be simultaneously opened in Axidian Privilege. All active sessions count. The number of PAM users and registered resources is not limited.
Example of using the licensing model based on privileged sessions
In the organization, there are many contractors who sometimes connect to servers to configure specific software. The connections are not regular in time. Each time different contractors connect to servers. Simultaneously, there are no more than 5 connections.
Altogether, the following licenses will be required for PAM work:
- 5 licenses of simultaneous connections
Comparison
| Licensing model based on privileged users and resources | Licensing model based on privileged sessions | |
| The number of users and resources (servers etc) | Limited by the license | Not limited |
| The number of simultaneous connections | Not limited | Limited by the license |
| How to calculate the licenses | By the number of employees who connect through PAM | By the planned number of active sessions which PAM should open (as a rule, it is required to have an experience of using PAM to correctly evaluate the number of sessions) |
| How to reallocate licenses between users | It is required to recall all access from one employee and give access to another | No reallocation is required |
If you want to have a quotation for your project, contact us.
