Xton Access Manager Product Update 2.3.202003292209
Today we released new update to the Xton Privileged Access Manager software. This update added support to control file transfer option for RDP or SSH sessions, added SSH Public Key management facility, Asset Bindings and Subscription reports.
Added support to control file transfer option for RDP or SSH sessions
This update added the option to enable or disable file transfer option for in-browser sessions as well as for sessions established using native RDP or SSH clients. The file transfer control option could be configured on a global level and overwritten for each individual record. The option allows system owners to block file upload and download to specific servers following regulations and compliance requirements as well as security practices for highly sensitive access.
Use global parameter Administration / Settings / Parameters / Session File Transfer to enable or disable file transfer option for all system assets. Use record level field FileTransfer to overwrite global setting for any specific record. To enable record level option, extend default configuration by adding the Choice custom field named FileTransfer (display name File Transfer Control) with the possible values Use Global, Enabled, Disabled to the record type that requires file transfer control. After that, set the required value for this field to each specific record of this record type.
Added SSH Public Key management facility
XTAM SSH Proxy allows SSH public key authentication for remote server access and SSH Proxy shell operations. Users often choose SSH public key authentication to simplify connection and removing the need to enter passwords during login. New update adds several tools for system owners to manage SSH public keys of system users, enforce key life cycle policies and provide visibility to the key use.
The update added audit events about SSH Public Key generation, upload and deletion. The update also introduced the option to specify expiration policy to invalidate the keys and force users to rotate them. Use global parameter SSH Proxy Public Key Expiration to define expiration time in days.
The update also added SSH Public Key creation date to the Users report highlighting expired and blocked keys to provide system owners visibility to the key status for all system users. Moreover, the system administrators can now block and unblock SSH Public Keys for selected users to enforce key rotation or removing the option to access the system.
Added subscription reports
The update added two Subscription reports that provide visibility for system administrators to alerts and scheduled reports distribution users subscribed to. The subscription reports reflect user interest to the system events, provide an indication of the load of the distribution system and also allow to unsubscribe users from certain events or report distributions.
Alert subscription report in addition provides an insight into the session score calculation as well as to the behavioral analytics enforcement by highlighting points of interests of various stake-holders about admin activities in the session.
Added automatic proxy PAC generation URL to simplify HTTP Proxy configuration
The update added system end-point URL https://host.company.com/xtam/proxy.pac to generate proxy.pac configuration file for the browsers to use to system proxy setting based on the configured global property HTTP Proxy Domains.
The update also added system end-point URL https://host.company.com/xtam/proxy.pac?portals to generate proxy.pac configuration file for the browsers to use to system proxy setting based created WEB Portal records. Both URL end points simplify HTTP Proxy configuration by allowing to quickly redirect client side browser to use XTAM as an HTTP proxy server managing the traffic to the remote WEB Portals.
Added User-centric Asset Bindings Report
The update added Item workflow biding report to display all users in all groups with the related workflow bindings to the selected item with the search and export options to simplify analysis of workflow binding configurations. The report allows to quickly analyze the specific restrictions and requirements a user has in relation to the selected asset regardless of whether the restriction is configured for multiple groups user is a member of or for the user themselves.
Please review key features documentation and product news using the links below
- 5 Tips for Improving Remote Access Security
- Using Public Key Authentication with native SSH Applications for Secure Sessions
- Subscriptions (Alerts) Report
- Subscriptions (Reports) Report
- User-centric Workflow Bindings Report
- Copy Files and Clipboard Text To and From Remote Sessions
- Quick File Transfer Using Drag and Drop to Remote Sessions
- Custom Fields Added to Record Types for Enhanced Functionality
- XTAM REST API Documentation
- Stream XTAM Event Messages to Windows Event Log
- XTAM Password Vault Free Trial Download
- Xton Access Manager User Manual
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
- Best Practices Guide provides insights into both Concepts and Design elements for users looking to build out their PAM deployment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 2+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for step-by-step introduction to the application.
Read the product documentation including Windows and Linux installation instructions as well as Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for the instructions how to update the existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Xton Access Manager for Privileged Access Management (PAM) provides complete, control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It’s easy to install, affordable, cloud-ready and offers unlimited use and storage
Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.