ONE IDENTITY
Safeguard

Securely store, manage, record and analyze privileged access

Take the stress out of protecting your privileged accounts by securely storing, managing, recording and analyzing privileged access with One Identity Safeguard. Available as a hardened appliance with an intuitive interface, Safeguard can detect and halt unknown threats while satisfying your auditors and admins. It is an integrated solution that combines a secure hardened password safe and a session management and monitoring solution with threat detection and analytics.

Key Features

POLICY-BASED PASSWORD RELEASE

Using a secure web browser with support for mobile devices, you can request access and provide approval for privileged passwords and sessions. Requests can be approved automatically or require dual/multiple approvals based on your organization’s policy.

USER BEHAVIORAL BIOMETRICS

A Safeguard for Privileged Analytics-be épített algoritmusok megvizsgálják azokat a viselkedési jellemzőket, amelyeket a Safeguard for Privileged Sessions gyűjt össze.

FULL-SESSION AUDIT, RECORDING AND REPLAY

All session activity – down to the keystroke, mouse movement, and windows viewed – is captured, indexed, and stored in tamper-proof audit trails that can be viewed like a video and searched like a database. Audit trails are encrypted, time-stamped and cryptographically signed for forensics and compliance purposes.

Product Family

ONE IDENTITY Safeguard for Privileged Passwords

A One Identity Safeguard for Privileged Passwords automatikus munkafolyamatokkal és szerep alapú hozzáférés-kezeléssel automatizálja, szabályozza és biztonságossá teszi a kiemelt felhasználói jelszavak kezelését. Felhasználóbarát felülete gyorsan megtanulható. A jelszavak bárhonnan és szinte bármilyen eszközről kezelhetők. Az eredmény pedig egy olyan megoldás, amely biztonságossá teszi a vállalatát, és kiemelt felhasználóinak a szabadság és funkcionalitás új szintjét biztosítja

ONE IDENTITY Safeguard for Privileged Sessions

A One Identity Safeguard for Privileged Sessions-szel szabályozhatja, felügyelheti, és rögzítheti az adminisztrátorok, külsős szolgáltatók, illetve más magas kockázatú felhasználók munkameneteit. A rögzített munkamenetek tartalma indexelt, így az események keresése egyszerű, sőt a Safeguard for Privileged Sessions segíti az automatikus jelentéskészítést is, így a törvényi megfelelés követelményei is könnyen teljesíthetők. A Safeguard for Privileged Sessions proxyként működik és folyamatosan nyomon követi az alkalmazás szintű protokollok forgalmát. Ez hatékony védelmet biztosít a támadások ellen, mivel minden olyan forgalmat visszautasít, amely nem felel meg a protokoll szabályainak. Mindezek eredményeként finomhangolt hozzáférés-kezelő eszközként is használható.

ONE IDENTITY Safeguard for Privileged Analytics

A One Identity Safeguard for Privileged Analytics egy kiemelt felhasználói viselkedés elemző eszköz. Segítségével megtudhatja, hogy mely kiemelt felhasználók jelentik a legnagyobb kockázatot, felderítheti, hogy melyek voltak az eddig ismeretlen belső és külső fenyegetések, és leállíthatja a gyanús tevékenységeket. A Safeguard for Privileged Analytics rangsorolja a potenciális kockázatokat, így Ön is priorizálhatja teemdőit – a legsürgetőbb fenyegetésekre azonnal válaszolhat – és végső soron megelőzheti a biztonsági incidenseket.

Benefits

Protect against privileged ID theft and privileged insider misuse

Identify high-risk privileged users, risky behaviors and unusual events

Easier compliance with efficient audit reports

Faster incident response, IT troubleshooting and forensics

Simplified, yet comprehensive privileged account management

No changes to privileged user workflows

Quick ROI with simplified deployment and management

Features

Policy-based password release

Using a secure web browser with support for mobile devices, you can request access and provide approval for privileged passwords and sessions. Requests can be approved automatically or require dual/multiple approvals based on your organization’s policy. So, whether your policies consider the requestor’s identity and level of access, the time and day of the request, and the specific resource requested – or all of these — you can configure One Identity Safeguard to meet your customized needs. Plus, you can input reason codes and/or integrate with ticketing systems.

User behavioral biometrics

Each user has its own idiosyncratic pattern of behavior, even when performing identical actions, such as typing or moving a mouse. The algorithms built into Safeguard for Privileged Analytics inspect these behavioral characteristics captured by Safeguard for Privileged Sessions. Keystroke dynamics and mouse movement analysis not only help you identify breaches, but also serve as a continuous, biometric authentication.

Change control

Supports configurable, granular change control of shared credentials, including time-and last-use-based, and manual or forced change.

Finomhangolt hozzáférés-kezelés

A Safeguard teljes körűen támogatja az SSH, Telnet, RDP, HTTP(s), ICA és VNC protokollokat. Ezen felül a biztonsági csapatok eldönthetik, hogy a protokollon belül mely hálózati szolgáltatásokat (pl. fájltranszfer, shell hozzáférés, stb.) akarják hozzáférhetővé tenni az adminisztrátorok számára.

Full-session audit, recording and replay

All session activity – down to the keystroke, mouse movement, and windows viewed – is captured, indexed, and stored in tamper-proof audit trails that can be viewed like a video and searched like a database. Audit trails are encrypted, time-stamped and cryptographically signed for forensics and compliance purposes.

One identity hybrid subscription

Expand the capabilities of Safeguard with the One Identity Hybrid Subscription, which offers immediate access to cloud-delivered features and services. These include all-you-can-eat Starling Two-Factor Authentication to protect Safeguard access and Starling Identity Analytics & Risk Intelligence for Safeguard to pre-emptively detect risky users and entitlements. A single subscription enables all One Identity solution deployments.

Command and application control

Safeguard for Privileged Sessions supports both black listing and white listing of commands and windows titles. Predefined blacklist could include risky commands or texts in a text-oriented protocol, or suspicious window titles in a graphical connection. In the case of detecting a suspicious user action, Safeguard can send you an alert or immediately terminate the session.

Full-text search

With its Optical Character Recognition (OCR) engine, auditors can do full-text searches for both commands and any text seen by the user in the content of the sessions. Security teams can search for specific events across sessions and play the recording starting from the exact location the search criteria occurred. It can even list file operations and extract transferred files for review. The ability to search session content and metadata accelerates and simplifies forensics and IT troubleshooting.

Discovery

Quickly discover privileged accounts or systems on your network with host-, directory- and network-discovery options.

Approval anywhere

Leveraging One Identity Starling Two-Factor Authentication, you can approve or deny requests from anywhere – and with nearly any device -- without being on the VPN.