Privilege Identity Manager (Deep PIM) is the industry’s most practical and non-intrusive solution to address privilege identity related challenges in any organizations.
Deep PIM is built as plug-ins on top of Identity Manager (Deep IM) and comes with Privilege Access Server, which will act as proxy for access to back-end Windows and Unix servers. Deep PIM is an integrated solution with Deep IACM and Deep IM. Organizations now can take a practical and non-intrusive approach to address their Privilege Identity Management challenges including recording of sessions.
Unlike traditional privilege identity products, Deep PIM simplifies privilege identity management process to enhance organizations IT security and enables organizations to meet regulatory requirements.
Privilege Access Request
Deep PIM out-of-the-box integration with Deep IM allows usage of the access request and workflow technology for users in the organization to make request to access back-end servers with privilege identities.
Deep PIM provides access request policies on list of servers allowed for privilege access, list of accounts on each server and when the access request can be made. Exception based approval policies are in place for ad-hoc privilege activities.
Privilege Command Manager (Unix)
Privilege Command Manager module enables organizations to automatically discover list of commands (unix binaries) along with its version and its permissible path.
Privilege Command Manager also provides additional policies to restrict list of commands that can be allowed along with its path and which users are allowed to execute them and on which server. Advance options include variables restrictions in the unix shell itself or another shell such as sqlplus or vi editor.
This sandbox style command manager for privilege access is preferred by large organizations to prevent malicious or accidental incident, which eventually may be a threat or risk to organizations.
To improve the security of privilege access, the privilege command manager also manages session for concurrent access, termination of sessions and monitor idle session.
Secure Desktop Connection Manager
Secure Desktop functionality supports Microsoft Servers for privilege remote access. This secure desktop access allows users to connect to any windows servers without the need to know the privilege identity password of the target servers.
Users can use their standard browsers to connect to target servers via the PIM-Gateway Server and have complete access to windows desktop and applications on the target windows server.
Secure Desktop connection Manager also manages session for concurrent access, termination of session and monitor idle session.
Session Logging and Recording
Deep PIM provides comprehensive logging and recording of the privilege identity session. This logging and recording is done at the PIM-Gateway Server which acts as proxy for all access to target servers.
Privilege Command Manager logs are text based and stored in sql database while the Secure Desktop Connection Manager logs are compressed and stored on the PIM-Gateway Server.
Keywords search, correlations between events and intelligence are some of the built-in features of Identity Privilege Identity Manager.