Indeed PAM 2.3: enhanced tool for comprehensive cybersecurity

Indeed PAM 2.3.In the new release, we continue upscaling the Indeed Privileged Access Manager functionality. New important access control features, expanded user session management options, and improved user experience for a number of scenarios have been added to make Indeed PAM even more functional and convenient management tool. Let’s take a closer look at the following additions to Indeed PAM Version 2.3.

PERMITTED AND FORBIDDEN SSH COMMANDS

Version 2.3 allows setting up a list of permitted and forbidden commands for SSH sessions. This feature enables proactive protection, thereby reducing the risk of unauthorized changes in your information systems. Your administrator can use the PAM policy settings to customize the list of permitted and forbidden commands and use both of the following configuration options:

  1. Deny all, allow the use of selected commands.
  2. Allow all, deny the use of selected commands.

You can also set the desired behavior in case of entry of forbidden commands:

  1. Terminate the session.
  2. Abort the command without terminating the session.

A PAM administrator can also opt to receive an email notification if a forbidden command has been entered.

REQUIRED AUTHORIZATION OF NEW SESSIONS BY PAM ADMINISTRATOR

You can enable required authorization of new sessions by the PAM administrator for all contractors/vendors or employees of your company who need to connect to your critical infrastructure in order to perform their professional duties. The Indeed PAM 2.3 features a new option – New sessions must be authorized by a PAM administrator. If this option is enabled, users will not be able to access your system without administrator’s authorization.

Session requests

To view the list of connection requests, please open the corresponding section in your management console. Your administrators can review all requests and approve or reject them. In addition, they can opt to receive email notifications for all new sessions that require their authorization.

DIRECT CONNECTION TO TARGET RESOURCES VIA SSH PROXY

The SSH Proxy now includes a new connection mode; you can indicate the target resource and account that you want to use to start the session right in the connection string. This way, you can skip the Select Connection step and start a new session immediately. Connection string example:


ssh [user-name]#[resource]#[account-name]#[reason]@[proxy-address]


ssh James.Miller#192.168.1.34#root#”Supportservices”@IPAMSSHProxy.indeed-id.local,


where:

James.Miller is the PAM username,
192.168.1.34 is the target resource address,
root is the user account that should be used to connect to the target resource,
Reason,
IPAMSSHProxy.indeed-id.local are the Indeed PAM SSH Proxy addresses.

HOW TO USE MULTIPLE COLLECTIONS OF RDS APPLICATIONS

Indeed Privileged Access Manager Version 2.3 can work with multiple Remote Desktop Services collections; you can use the policy settings to add a specific collection. This feature allows using a single PAM installation for multiple branches or segments in your company’s network – you can deploy separate RDS servers with specific collections for each branch or segment. Depending on the active user account, your connection will be redirected to appropriate servers (collections). This way, you can use the nearest (local) servers for your user connections (Segment 1 users connect to Segment 1 servers, etc.), thereby optimizing the traffic.

MULTIPLE SESSION POLICIES FOR USER ACCOUNTS

The new version allows setting up distinct policies for connections under different user accounts. Now you can customize session recording settings depending on the user category. For example, you can configure the system to take screenshots for ordinary users and record video for administrators.

FIXED USER IP ADDRESSES IN THE SESSION DATA

The IP address of the PC that was used to connect to the PAM server can now be logged in the session properties. You can also run an IP search in the session repository. Your PAM administrators can use it as an additional tool for monitoring and investigating incidents.

Filtering sessions by user IP

CONNECTION ADDRESS DISPLAYED IN THE USER CONSOLE AND SSH PROXY

The new version features another user-friendly option – the list of resources available for connection in the console and SSH Proxy shows the address that will be used to access a given resource. Now your users can quickly take stock of the situation and select the right resource for work.

Connection address in the Indeed PAM User Console
Connection address in Indeed PAM SSH Proxy

HOW TO FILTER CONNECTIONS BY SERVICE CONNECTION TYPE ON THE RESOURCES PAGE

To enable effortless navigation in the list of resources, we have added an option to filter connections by service connection type to the PAM admin console on the Resources page. This feature will help you easily locate the needed resources, for example, DBMS connections or connections to the web configurator of network equipment.

If you are interested in the new Indeed Privileged Access Manager 2.3 and want to see a real-life product demonstration we will be glad to make a one-to-one webinar for you. Simply click the button below.

Request a demo

More