ManageEngine PAM360 - An Overview

The Problem

In this modern age of IT revolution, infrastructure setups are comprised of an ever-growing mix of critical assets spanning across physical, virtual, and cloud platforms. Apart from that, every enterprise also runs numerous business applications that deal with sensitive intellectual property and strategic information.

But, as businesses grow thus, so do cyber risks. Today's cyber criminals constantly attempt to gain access to sensitive IT resources in an enterprise by compromising privileged accounts, the proverbial 'keys to the kingdom'. Once an attacker manages to acquire a privileged account credential, breaking in to the enterprise's IT network becomes a child's play. To thwart such threats and stay in control, we need to put tighter locks on privileged accounts and also keep a round-the-clock check on privileged access by employees and third parties likewise.

Proper management of privileged accounts eventually calls for protecting the administrative passwords of such respective accounts. However, in any large organization with an extensive infrastructure, administrative passwords will be in thousands. Consequently, it becomes a daunting task for anyone to keep track of all the passwords. Users tend to store the user name and password information somewhere in their system locally or in a central location when multiple administrators need to use the information.

The Solution

The only way out is the use of a secure privilege access management solution that enables safe storage of administrative passwords and other types of sensitive data such as Digital Certificates, Licence Keys, Files, Documents, etc., in a centralized medium, offering the flexibility to share them among multiple users based on fine-grained user authorization.

So, we have come up with the complete privileged access management software, PAM360 that combines Credential Vaulting, Privileged Account Governance, Remote Access Management, Privileged User Monitoring, Threat Analytics and Web-based SSH Key and SSL Certificate Management Solution, all into a single platform.

PAM360 - The 360 Degree Approach to Securing Privileged Access

ManageEngine PAM360 is a complete solution to control, manage, and audit the entire life cycle of privileged accounts and their access. In a single package, it offers the following solutions:

  • Privileged account governance
  • Remote access controls
  • Just-in-time privilege elevation 
  • Privileged session monitoring
  • Privileged user behavior analytics
  • Context-aware event correlation
  • Audit and compliance
  • Comprehensive reporting
  • DevOps protection
  • Ticketing system integration
  • Application credential security
  • SSH key management
  • SSL certificate management

PAM360 fully encrypts and consolidates all your privileged accounts in one centralized vault, reinforced with granular access controls. It also mitigates security risks related to privileged access and pre-empts security breaches and compliance issues.

Using PAM360, IT administrators can centrally create users, assign them with specific roles and define access levels. Only authorized users will get access to view, edit or manage the permitted 'resources' (the resources assigned to them) based on their role. Moreover, the comprehensive auditing mechanism of PAM360 helps in tracking who accessed what and when, thereby ensuring accountability in a multi-member environment.

Password Management in PAM360

Ensuring the secure storage of passwords and offering high defense against intrusion are the mandatory requirements for privileged account security. The following measures in PAM360 provide the required security levels:

  • Ability to scan networks and discover critical assets to automatically onboard privileged accounts into a secure vault that offers central management, AES-256 encryption, and role-based access permissions. AES functions have been adopted and also recommended as an encryption standard by the U.S. Government.
  • Role-based, fine-grained user authentication mechanism ensures that the users are allowed to view the passwords based on only the authorization provided.
  • All transactions through the PAM360's browser take place through HTTPS.

Privileged User Behavior Analytics

PAM360 allows you to closely monitor your privileged users for the potentially harmful activities that might affect business.

The Help Documentation Structure

The Help documentation for PAM360 is broadly divided into the following sections:

  • Introduction
  • Users
  • Authentication
  • Resources & Groups
  • Sessions
  • SSH Keys & Certificates
  • High Availability & Disaster Recovery
  • Admin Actions
  • Miscellaneous

Once you have installed PAM360, refer 'Installation & Getting Started' under the 'Introduction' tab for steps to install PAM360 and steps to connect to the PAM360 web portal to start working with the solution. The 'Installation & Getting Started' section also allows you to know about different pre-requisites, browser settings, system requirements, agent details, license information, etc. The 'Introduction' tab has links to documents explaining the database migration procedure, important terminologies used in the product, etc. Rest of the other tabs provide information on different modules of PAM360, used to carry out various privilege management activities.

©2019, ZOHO Corp. All Rights Reserved.