Capabilities of Bomgar Privileged Access

Bomgar Privileged Access lets you control access to critical systems without hindering the work privileged users need to perform. You can define how users connect, monitor sessions in real time, and record every session for a detailed audit trail. Highlighted features are below.

Secure Remote Access

Extend remote connection protocols beyond the LAN without compromising security by using a Layer 7 (Application) approach that incorporates much tighter controls than those available with a traditional VPN.

Remote Access

Use Bomgar's patented Jump technology or native protocols (RDP, SSH) to view or control remote desktops, servers, and network devices.

Native Two Factor TOTP Authentication

Use native two-factor authentication with a time-based one-time password (TOTP) authentication app to log into Privileged Access.

SAML

Supports SAML for authentication.

Jump Shortcuts

Create shortcuts for frequently accessed computers.

Command Shell

Access the command line for network troubleshooting, system diagnosis or supporting a network device.

Custom Special Actions

Bomgar automatically detects the remote operating system and presents special action shortcuts to users during sessions (e.g. a shortcut to the Control Panel when connected to Windows systems). You can even create your own custom special actions.

Multi-Monitor Support

View and switch between all the monitors connected to the remote desktop.

Multi-Session Support

Access and control multiple systems simultaneously, so that processes spanning multiple systems can be addressed.

Reboot/Auto-Reconnect

Reboot the remote desktop without losing your connection. Reboot into safe mode with networking and request automatic logon credentials at reboot.

Remote Screenshot

Capture and save an image of the remote screen.

Scripts

Create a library of scripts for automating repetitive tasks.

System Information

View the remote system information, including running processes, installed programs, CPU usage, and more.

Access Console Scripting

Start a session with a remote computer from an external program.

File Transfer

Transfer files between remote computers during remote access sessions using Bomgar's built-in File Transfer.

Jump Technology

Bomgar’s patented Jump Technology enables remote access without requiring firewall changes or VPN.

Remote Desktop Protocol (RDP)

Integrated Microsoft Remote Desktop Protocol enhances RDP security and works across remote networks without VPN tunnels or open listening ports (TCP 3389).

SSH/Telnet

Connect to SSH-enabled or Telnet-enabled network devices and control the command line feature on the remote system.

VNC

Add better access control and auditing to your endpoints that require connecting using the VNC protocol.

Wake-on-LAN

Power systems on/off remotely with integrated Wake-on-LAN (WOL) support.

Mass Deployment

Deploy Bomgar Jump Clients to multiple systems at once.

Session Forensics

Easily perform forensic analysis and provide audit reports across video and text logs for internal and external compliance requirements. Authorized users can monitor, and even terminate, sessions in real time.

Session Forensics

Command shell recordings are now included in Session Forensics searches. Successful matches in stored shell recordings automatically take the user to that point in time in the recording.

Endpoint Surface Analyzer

Know and control how critical endpoints are accessed throughout your organization. Be aware of the listening network port exposure for systems that you manage. Report and keep a running log of critical endpoint network exposure.

Dashboard

Monitor ongoing remote sessions, take over sessions, or transfer them to another user. The Dashboard lets you monitor privileged sessions from your desktop or iPad.

Message Broadcast

Broadcast a message to all logged-in users.

Reports

Generate activity reports for specific users or groups. Reports include details about remote sessions, including system information, IP information, file transfer details and more. The following reports are available: Session Reports; Team Reports; Summary Reports; User Account Reports.

Reporting Permissions

Define which privileged users can view or generate reports.

Session Recording Videos

Capture videos of each RDP, Command Shell, or Jump session. Videos include annotations identifying who has mouse/keyboard control, and you can pan through videos quickly to find key events.

SNMP Monitoring

Monitor the Bomgar Appliance using Simple Network Management Protocol (SNMP).

Syslog

Send log messages about the Bomgar Appliance to an external syslog server.

Cloud Access Control

Harden your internet-facing cloud resources by closing unnecessary ports. Enable multiple authorized users to access and manage cloud infrastructure powered by AWS, Azure, VMware and other IaaS providers.

IaaS Providers

Supports Windows, Red Hat, CentOS, and Ubuntu Linux VMs powered by AWS, Azure, VMware and other IaaS providers.

Multi-User Access

Allow multiple authorized users to securely connect and manage cloud infrastructure without revealing root credentials.

Reduced Attack Surface

No inbound firewall openings are required. Harden your internet-facing cloud resources by closing all unnecessary ports, including 22, and still get shell access!

Headless Linux Support

Headless Linux configurations are supported for on-prem data center, public, and private cloud infrastructure.

Defense-In-Depth

Integrate with SIEM, Change Management, and Multi-Factor Authentication tools for a comprehensive approach to securing privileged access. Out-of-the-box integrations are available for a number of the leading solutions.

SIEM

Use the Bomgar API to integrate privileged access with your SIEM solution.

Change Management

Integrate Bomgar Privileged Access with ServiceNow or other change management solutions.

Identity Management

Use LDAPS/Active Directory to provision users and groups.

RADIUS

Use RADIUS for multi-factor authentication.

Kerberos

Use Kerberos for single sign-on.

Smart Card Support

Pass smart card credentials to remote computers.

Authorization and Notification

Require access notification and authorization. Define what endpoints users can access, schedule when they can access them, and white/blacklist applications for a comprehensive approach to privileged access.

Application Whitelisting/Application Sharing

Only allow specific applications to be viewed by privileged users.

SecureApp

Manage and control access to securely launch a specific application, without giving full system access.

Access Authorization

Require authorization by a third party before a privileged user can access an endpoint.

Inactive Session Timeout

Automatically log users out after the session has been inactive for a given amount of time.

Post-Session Lock

Automatically lock the remote computer at the end of each session.

User Login Schedule

Define when sessions can occur on an individual or group basis.

Jump Session Policies

Define which tools are available to privileged users based on the specific endpoint being accessed.

Automatic Elevation Service

Automatically elevate privileges on remote Windows computers whenever a session begins.

Elevate Customer Client

Manually elevate privileges on remote Windows computers.

Secure File Transfer

Define which files and directories can be viewed. Limit file upload or download privileges and prevent users from having full control of the remote file system.

Remote Registry Editor

Access the remote registry editor on Windows computers.

Restrict End-User Interaction

Prevent end users from controlling the remote mouse and keyboard, or black out the remote screen while a session is occurring.

Special Actions

Set permissions on which special actions and custom special actions are available to users.

SUDO Manager

Manage privileged elevation on Linux endpoints. Protect and manage access to existing SUDO and SUDOERS files without migrating from SUDO.

View or Control

Give users remote control or view-only privileges on remote computers.

User Device Verification

Require verification for mobile devices prior to allowing them to be used in sessions.

Team and Group User Management

Easily assign the right access to the right users. Sync Bomgar with Active Directory or LDAP group policies.

Mobile and Web Consoles

In addition to desktop consoles for Windows, Mac, and Linux, Bomgar Privileged Access includes mobile apps and a browser console. Native mobile apps give users secure access over 3G/WiFi from Android or iOS devices, and only to allowed endpoints. The Bomgar Privileged Web console enables privileged access from the browser without installing software locally.

Android Access Console

Access remote computers and servers securely from an approved Android tablet or phone.

Apple iOS Access Console

Access remote computers and servers securely with screen sharing and command shell from an approved iPad or iPhone. Authenticate to the iOS Access Console with Touch ID.

Privileged Web Console

Access endpoints securely through a web-based access console. The Bomgar Privileged Web console enables privileged access without installing software locally.

Desktop Access Console

The Access Console is the desktop application for Bomgar Privileged Access. It places remote computers and time-saving tools at your users' fingertips.

Access Extender

Centrally manage and audit third-party protocols without VPN. Grant access to endpoints at the user, network path, and port level, or enable access to ICS or databases. Bomgar can video record access sessions.

Advanced Web Access

Manage privileged access to business assets that leverage web-based management consoles for IaaS resources, hypervisors, and network infrastructure, including IaaS servers, hypervisor environments, and web-based configuration interfaces for core network infrastructure.

Credentials and Keys

Authorize access without exposing credentials to privileged accounts. Store credentials in your password management solution. Then authenticate users or elevate privileges with credential or SSH key injection.

Endpoint Credential Management

Integrate Bomgar with your password vault to utilize pre-provisioned credentials. Credential management lets you hide authentication details from privileged users even while granting them access to approved endpoints.

Credential Injection™

When Bomgar Privileged Access is integrated with Bomgar Vault or the password vaulting solution your organization is using, users can directly inject credentials into end servers and systems with just one click. Since the user never sees the plaintext credentials, they can’t compromise them, greatly increasing security. Improve productivity by allowing administrator accounts to access systems with just the click of a button: no more wasted time finding or tracking down credentials.