Protection from privilege-based attacks

BeyondTrust has introduced what it says is a first-of-its kind privilege management solution for network, IoT, ICS, and SCADA devices.

  • 6 years ago Posted in
PowerBroker for Networks rounds out BeyondTrust’s privilege management support, which includes privilege management for Windows, Mac, Unix and Linux endpoints, servers, applications, and now any device managed via SSH or Telnet. With PowerBroker for Networks, BeyondTrust customers can realize the benefits of end-to-end least privilege faster and with less complexity across nearly all environments, including critical network devices.
 
PowerBroker for Networks is an agentless solution that controls what commands users can run, records sessions, alerts, and provides a complete audit trail of user activity on network devices via the command line. Delivered with a modular design that is highly scalable, PowerBroker for Networks’ architecture easily scales to hundreds of thousands of nodes without overburdening the network or administrators with overhead. With PowerBroker for Networks, organizations can manage large, distributed, and heterogeneous infrastructures while delivering optimal performance and without limiting activity. PowerBroker for Networks fully integrates with the central PowerBroker console, enabling customers to benefit from a single policy, management and reporting interface.
 
“Network devices – such as routers, switches, firewalls, IoT, ICS, and other SCADA devices – are critical for organizations to function, yet present open doors for external attackers and malicious insiders if not properly monitored,” said Brad Hibbert, COO, BeyondTrust. “To improve security on these devices, organizations must have control and visibility over privileged user activity. Since most network devices do not allow for the installation of agents, or are manufacturer-specific, PowerBroker for Networks fills an important gap.”
 
Because PowerBroker for Networks supports any device that utilizes SSH or Telnet to enable management, it can be utilized across a diverse network, and offers the following features:
 
·         Full Command Control and Session Auditing – Enables full, granular control and audit of all commands and sessions to network devices.
·         Real-time Session Monitoring – Warns, or warns then terminates, a session when questionable user behavior is detected.
·         Integrates with SIEM Solutions for Complete Security Intelligence – Generates logs and sends to syslog to be picked up by a SIEM system.
·         Alerts for Faster Cybersecurity Response – Generates alerts to prevent or stop unwanted activity.
·         Automates Single Sign-on – Integrates with password management solutions such as PowerBroker Password Safe to seamlessly retrieve passwords for automated sign-on through a proxied connection.
·         Centralizes Control – Centralizes administration, policy and audit data for decentralized devices and administrators.
 
“The idea of ‘identity’ seems intuitive, but identity can be distorted either by inside actors imitating legitimate credential holders, or miscreants escalating credentials,” said Christopher Kissel, Senior Cybersecurity Analyst, Frost & Sullivan. “A seemingly credentialed actor can wreak havoc as SecOps teams often cannot discover nefarious behavior emanating from users with proper credentials. BeyondTrust PowerBroker for Networks is an important and evolutionary step in identity and access management (IAM), offering network administrators a single-point of management for important functions such as command and control session monitoring and auditing, the generation of logs for SIEM, and automating single sign-on. Additionally, PowerBroker for Networks moves ‘identity’ from a role-based static event into an observable, fluid event where identity-change can be an Indicator of Compromise, or where SecOps can block access even for credentialed actors.”
 
“BeyondTrust has once again shown unparalleled innovation with the release of its industry-first dedicated privilege management solution for network devices,” said Paul Anderson, CEO, NovaCoast. “This solution adds much-needed protection against insider threats, and NovaCoast is looking forward to partnering with BeyondTrust as we help our customers improve control and audit on network devices.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Trend Micro has released new research detailing the murky cybercrime supply chain behind much of...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...
State of Industrial Cybersecurity report reveals only 21% of organizations achieved full maturity...