Monitor Privileged Users and Shrink Your Attack Surface
Traditional perimeter security measures - like firewalls, Active Directory rights management, complex password policies, and frequent rotation - are proving to be limited. When unauthorized users gain access to accounts and credentials, they can bypass these traditional systems. The largest and most recent cyber breaches have been attributed to unauthorized users leveraging privileged credentials for unauthorized access.
Cyber security professionals have a problem. They must maintain security and manage risk without hindering user productivity and satisfaction. With Bomgar, security professionals can control and monitor privileged access while also empowering authorized users to perform their duties. Bomgar addresses privileged access with the four A’s of security: Architecture, Authentication, Access Controls, Audit.
Architecture: Deploy without Disruption
Bomgar Privileged Access is designed to work within an already secure network perimeter. Because both the customer and the user connect to Bomgar through outbound connections, no firewall changes are necessary. That means you can extend Remote Desktop Protocol and SSH beyond the LAN without opening ports or requiring VPN connectivity.
And Bomgar works across platforms. Privileged users can connect to Windows systems within the network without deploying a client prior to connecting. Or you can deploy Bomgar clients to Mac and Linux systems, or any server/computer outside your managed network. Connect to Linux and UNIX systems with SSH. Users can even connect from Android or iOS devices.
Each remote connection is guarded by secure encryption and passes through the Bomgar appliance. Bomgar can reside in your network, under the security measures you already have in place.
Authentication: Leverage Existing Directories
One key to managing power users’ privileges is managing their credentials. That’s why Bomgar integrates with your existing directory services, like LDAPS and Active Directory. If you change a user's account in Active Directory, it is automatically reflected in Bomgar.
In addition, Bomgar Verify can be enabled for Local and LDAP accounts using common multi-factor apps, such as Google Authenticator, or you can integrate with other multi-factor authentication solutions, such as Duo, RSA, SecurEnvoy, and SecureAuth. You can connect Bomgar to RADIUS for multi-factor authentication and Kerberos for single sign-on. And with Bomgar, a privileged user can use his or her Smart Card to authenticate to a remote computer.
But that’s not all. Since Bomgar allows privileged users to connect from mobile devices, you can create a list of authenticated devices and determine the network locations from which they can connect. You’ve worked hard to make your general authentication structure secure. Bomgar lets you leverage it.
Access Controls: Define More than 50 Permissions
Bomgar offers more than 50 separate user permissions, so you can fine-tune the level of access available to each privileged user. Assigning permissions to users or user groups is straightforward. You can even create templates in Bomgar and use Active Directory to assign users to those templates. If you move a user from one group to another in LDAPS, their permissions in Bomgar are automatically updated to reflect their new role.
Rather than giving users all-or-nothing access, Bomgar helps you implement least-privilege best practices for all your users. You can define which endpoints and applications are available, and when they can be accessed. Let users connect right away, or notify an authorized approver and require permission before each session.
- Restrict remote access to defined endpoints
- Schedule when endpoints can be accessed
- Require access notification and authorization
- Prevent unauthorized programs from being viewed with application whitelisting
- Manage your access control policy with group policies
Audit: Report in Detail on Every Session
Not only does Bomgar help prevent unauthorized access, it also gives you insight when an authorized user does something that is unauthorized.
Bomgar logs all session activity centrally. Know who connected to endpoints, when the sessions occurred, and what happened during the session. In addition to log reports, Bomgar also records videos of each session. These video recordings capture every action taken in each remote desktop, SSH, or Telnet session.
You can export session videos and reports from Bomgar and store them in an external file system for a detailed audit trail. Or you can track session data and configuration changes with your existing SIEM solutions.