BeyondTrust announced on Monday PowerBroker for Networks, its management solution for network, IoT, ICS, and SCADA devices. PowerBroker for Networks rounds out BeyondTrust’s privilege management support, which includes privilege management for Windows, Mac, Unix and Linux endpoints, servers, applications, and now any device managed via SSH or Telnet.
With PowerBroker for Networks, BeyondTrust users can realize the benefits of end-to-end least privilege faster and with less complexity across across nearly all environments, including critical network devices.
PowerBroker for Networks is an agentless solution that controls what commands users can run, records sessions, alerts, and provides a complete audit trail of user activity on network devices via the command line.
Delivered with a modular design that is highly scalable, PowerBroker for Networks’ architecture scales to hundreds of thousands of nodes without overburdening the network or administrators with overhead. With PowerBroker for Networks, organizations can manage large, distributed, and heterogeneous infrastructures while delivering optimal performance and without limiting activity.
PowerBroker for Networks fully integrates with the central PowerBroker console, enabling customers to benefit from a single policy, management and reporting interface.
PowerBroker for Networks supports any device that utilizes SSH or Telnet to enable management, it can be utilized across a diverse network, and offers full command control and session auditing that enables complete, granular control and audit of all commands and sessions to network devices; and real-time session monitoring that warns, or warns then terminates, a session when questionable user behavior is detected.
It integrates with SIEM solutions for security intelligence that generates logs and sends to syslog to be picked up by a SIEM system; delivers alerts for quicker cybersecurity response to generate alerts to prevent or stop unwanted activity; integrates with password management solutions such as PowerBroker Password Safe to seamlessly retrieve passwords for automated sign-on through a proxied connection; and centralizes administration, policy and audit data for decentralized devices and administrators.
PowerBroker for Networks is a privilege management solution that secures access to network devices, enabling organizations of all sizes to reduce cybersecurity risk and achieve privilege management at scale. Policies can be simple, such as a basic list of users coupled with allowed commands, or can be driven by external data sources such as reference files, databases, or LDAP queries that allow for powerful command validation and dynamic rules to be created, ultimately providing total flexibility and granularity over each user’s session.
“Network devices – such as routers, switches, firewalls, IoT, ICS, and other SCADA devices – are critical for organizations to function, yet present open doors for external attackers and malicious insiders if not properly monitored,” said Brad Hibbert, COO, BeyondTrust. “To improve security on these devices, organizations must have control and visibility over privileged user activity. Since most network devices do not allow for the installation of agents, or are manufacturer-specific, PowerBroker for Networks fills an important gap.”
“The idea of ‘identity’ seems intuitive, but identity can be distorted either by inside actors imitating legitimate credential holders, or miscreants escalating credentials,” said Christopher Kissel, Senior Cybersecurity Analyst, Frost & Sullivan. “A seemingly credentialed actor can wreak havoc as SecOps teams often cannot discover nefarious behavior emanating from users with proper credentials. BeyondTrust PowerBroker for Networks is an important and evolutionary step in identity and access management (IAM), offering network administrators a single-point of management for important functions such as command and control session monitoring and auditing, the generation of logs for SIEM, and automating single sign-on. Additionally, PowerBroker for Networks moves ‘identity’ from a role-based static event into an observable, fluid event where identity-change can be an Indicator of Compromise, or where SecOps can block access even for credentialed actors.”
“BeyondTrust has once again shown unparalleled innovation with the release of its industry-first dedicated privilege management solution for network devices,” said Paul Anderson, CEO, NovaCoast. “This solution adds much-needed protection against insider threats, and NovaCoast is looking forward to partnering with BeyondTrust as we help our customers improve control and audit on network devices.”
