Skip to main content

Hitachi ID Privileged Access Manager Screen Shots

Image:  screen-shots/request-clientxp
(Click to enlarge)

Select managed system and account:

When a user needs to gain access to a privileged account on a managed system, the first step is to select the system and account. A searchable, browsable UI is presented for this purpose, as shown here.

Image:  screen-shots/checkout-access
(Click to enlarge)

Checkout a session:

The next step is to checkout a session. Access control rules determine which users are allowed to checkout a session to which accounts on which systems. Alternately, a user can request one-time access (authorized through a workflow process). In either case, concurrency limits may be in place, for example to ensure that no more than two administrators work on the same system at the same time.

Image:  screen-shots/login-rdp
(Click to enlarge)

Launch RDP connection:

Once a session has been activated, the user can connect. Policy determines what connection options are available -- in this case, there is just one: to launch a remote desktop session.

Image:  screen-shots/rdp-make-changes-nb
(Click to enlarge)

Manage the system:

Using the remote desktop window, the user can do his work. He can close the window and open it again later, so long as his Hitachi ID Privileged Access Manager session has not timed out and been automatically checked back in.

Image:  screen-shots/checkin-access
(Click to enlarge)

Checkin the session:

When his work is done, the administrator checks in the session. This typically causes the password to the account he was using to be randomized again and the new value placed in the secure, replicated vault.

Image:  screen-shots/hipam-managed-account-checkouts-checkins
(Click to enlarge)

Report: Managed account check-outs / check-ins:

Shows current and historical check-outs of managed accounts. Can be run with data selection on system/account (i.e., who has accessed this?) or based on user (i.e., what has this user signed into?).

Image:  screen-shots/hipam-expired-password-report
(Click to enlarge)

Report: Expired password:

Shows when passwords are due to be changed next -- for example, at check-in time or on a schedule.

Image:  screen-shots/hipam-account-access-checkout-trend
(Click to enlarge)

Report: Account access check-out trend:

Shows activity, in terms of workflow requests for on-off access and check-outs (pre-authorized or individually approved) over time. The scope of the report (which systems, which accounts) and the time interval are configurable.

Image:  screen-shots/hipam-discovered-accounts
(Click to enlarge)

Report: Discovered accounts:

Shows accounts that have been discovered by the system. For each account, indicates why it appears in the listing -- for example, the account is a member in a privileged security group, is used to run a service, etc.

Read More:

  • Features:
    Privileged Access Manager is a system for securing access to privileged accounts. It works by regularly randomizing privileged passwords on workstations, servers, network devices and applications. Random passwords are encrypted and stored on at least two replicated servers.
  • Business Case:
    Privileged Access Manager helps organizations secure access to privileged accounts by randomizing their passwords and forcing users to sign into Privileged Access Manager when they need privileged access. It automatically deactivates access for departed IT users and creates a forensic audit of login session to sensitive accounts.
  • Screen Shots:
    Snapshots of the Privileged Access Manager web interface.
  • Screen Recordings:
    Recordings of user interaction with Privileged Access Manager.
  • Concept Animations:
    Animated demonstrations illustrating user interaction with Privileged Access Manager and data flow between components on the network.
  • Slide Decks:
    Slide presentations that discuss privileged access management in general and Privileged Access Manager in particular.
page top page top