RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Wallix Admin Bastion (WAB)

Product
Developers: Wallix
Last Release Date: 2014/03/04
Technology: Cybersecurity - Authentication,  PAM Privileged Access Management,  the Firewall,  cybersecurity - Information loss preventions,  cybersecurity - Means of enciphering

Content

Wallix Admin Bastion (WAB) is a control system of access for internal and external suppliers of IT services, owners of accounts with the expanded rights and users with the increased risks.


  • Uniform access point to the key systems
  • Control and access control
  • Record of sessions
  • Rupture of sessions on settings the politician or on command
  • Password management and implementation of password policy
  • The notification about violation the politician
  • Analysis of activity
  • Work without use of agents

We control privileged users of WALLIX ADMINBASTION

Description

WAB helps to control reliably access for internal and external suppliers of IT services, owners accounts with the expanded rights and users with the increased risks. Besides, if necessary the administrator can write working sessions for the subsequent viewing for the purpose of audit, incident management, conducting investigations, etc.

The WAB system guarantees - the employees who left the company will not be able to get access to its internal systems any more. Wallix AdminBastion is the platform capable to help with ensuring strict compliance to requirements of all used standards: PCI DSS, SOX, FZ-152, etc.

Advantages

Monitoring of actions

Wallix AdminBastion provides monitoring of the connections and operations performed by users and service providers on the administered systems (servers Windows and Unix/Linux, network devices, etc.). The console of audit of WAB allows to perform monitoring of connections to IT systems in real time and is retrospective (in the magazine).


Record of sessions

Sessions of Windows Terminal Server (RDP) or VNC can be written in a video format, and the operations performed from the command line (SSH, Telnet, etc.) — in a text format.


Statistics and reports on actions

System administrators of AdminBastion can browse diagrams and statistics of activity (the number of connections, the history of activity, magazines of connection, the ratings of users, etc.) and also to automatically create detailed reports in the CSV format.


Password management

The WAB system allows to implement and support politicians of password management for privileged users or the administered systems. For example, it is possible to configure change of the password according to the schedule or to require to enter passwords of a certain length, complexity, etc.


Analysis of events and character recognition

Wallix AdminBastion analyzes all commands entered during the sessions of SSH in real time and in case of detection of the prohibited lines sends the adequate notice or breaks off a connection session. Besides, WAB uses technology of optical character recognition (OCR) for the analysis of sessions of RDP and VNC in real time - it significantly simplifies identification of the reasons of failures or incidents of security.


Control in real time

Wallix AdminBastion notifies on any connection attempts to the devices defined as critical, about unsuccessful attempts of an input in WAB or about impossibility of an automatic input using the set account.

Automatic obtaining information

Services SOAP Web Services can be used for automatic import of data on users, devices, groups, etc. to WAB. Automatic synchronization of data between the central IAM and Wallix AdminBastion platform allows to reduce the cost of ownership of the WAB system.

Convenience of deployment

The solution Wallix AdminBastion is available in the form of the physical and virtual device and also can be delivered to the customer in the form of a cluster of high availability (HA cluster).

Work without use of agents

WAB does not require installation of agents on controlled devices or workstations of administrators that provides fast deployment and low cost of ownership. Employees of IT department should not "adapt" to a system.

2015

The solution Wallix AdminBastion is certified on compliance to requirements of FSTEC of Russia

The WALLIX company announced in March, 2015 passing by the solution Wallix AdminBastion of inspection control in FSTEC of Russia: the product received the FSTEC certificate of Russia on compliance to regulating documents of NDV on the fourth level of control (RD NDV-4). It allows to apply it to data protection (including personal data) in the large geographically distributed state information systems (SIS). The data collected by Wallix AdminBastion can be also used as evidential base at judicial proceedings.

Within certified process the source code of a product was provided to the testing laboratory accredited by FSTEC of Russia which using the automated means of verification of the code confirmed absence in it not declared opportunities. According to the results of the performed works the technical conclusion was made, confirming lack of tabs in software and it is possible to use this solution containing recommendations of in what information systems (IS) within the Russian legislation. Further all documentation and the technical conclusion were analyzed and confirmed with the certification body which sent own conclusion to FSTEC of Russia. In the final of FSTEC of Russia issued the certificate certifying that Wallix AdminBastion completely corresponds to regulating documents on NDV-4 and the stated specifications.

2014

Wallix AdminBastion 4.0

On March 4, 2014 the Wallix company announced release of free trial version of the solution Wallix AdminBastion 4.0 which allows to build in control of privileged users process of management of IT risks.

The Wallix AdminBastion system is installed outside of the protected perimeter of the organization, has uniform point of entry. For access to accounts it is enough to remember a user name and the password in the WAB system. Thus, administrators do not need to create files with passwords any more or to transfer important passwords out of limits of the organization. Function of registration and record of all operations performed on the managed devices during the graphic session or a session of the command line is implemented. Respectively, the administrator can trace in real time who when and as long had access to this or that account, and then to browse record of a session and to analyze its contents.

Control of any operations which are performed by users of crucial applications with the administrator's rights, for example, VMware of ESX, Oracle, MySQL and similar is provided.

WAB allows to change passwords on the managed devices on a request or through the set intervals. It is important that it allows to guarantee compliance of policy of change of passwords and their complexity to all requirements of regulators for crucial devices.

A system works without use of special agents on the administered devices or at workstations of administrators. The absence of agents allows to unroll, operate or update a system in short terms and with minimum risks.

Advantage in the functionality of a system extended to business applications (financial systems, development tools and CRM, customized applications, etc.) and also to applications for infrastructure management.

The WAB system is supplied to the market in two configurations: software, hardware and software system.