Imprivata Privileged Access Management Product Update 2.3.202004122320

April 12, 2020

PAM Update: Added RDP Proxy session recording option and behavioral analytics rules for authentication

This update added the RDP Proxy session recording option to video record sessions made using native (desktop or mobile) RDP clients and behavioral analytics rules for authentication watching successful and failed login attempts.

Added RDP Proxy session recording option

This update adds the option to video record sessions to Windows servers made by native RDP clients. Video recording of RDP Proxy sessions could be watched by the embedded Quick Player indexed by session events or converted to AVI or MOV video formats.

RDP Proxy video records sessions made by desktop clients (such as MS RDP mstsc, mRemoteNG, FreeRDP, etc) run on Windows, Mac OS or Linux operating systems as well as by the clients run on iOS or Android mobile platforms.

The option to establish and record sessions to remote Windows server and desktop devices using native RDP clients significantly increases the adoption of best privileges access management practices in the organization as well as improves overall network security.

RDP proxy session recording is enabled automatically for users with permissions requiring session recording for records brokering connections to remote Windows servers.

Added Frequent Logins behavioral analytics rule

This update adds the option to enable Frequent Logins behavioral analytics rule watching for the excessive number of logins to the system.

System administrators can now configure the system to log audit events or block a user account when the system detects too frequent logins to the system either using the WEG GUI authentication form or logins using SSH or RDP clients.

This way, the system owner can protect against malicious users or scripts attacking the system by assuming that a regular user would not try to login into the system with a high frequency.

Added Frequent Failed Logins behavioral analytics rule

This update adds the option to enable Frequent Failed Logins behavioral analytics rule watching for the excessive number of failed authentication attempts to the system.

System administrators can now configure the system to log audit events or block a user account when the system detects many failed logins to the system either using the WEG GUI authentication form or logins using SSH or RDP clients.

This way, the system owner can protect against malicious users or scripts trying to guess the passwords of system users.

Added the option to launch native SSH client on Mac OS computers

This update adds the option to launch a native SSH client from the record view screen on Mac OS computers right from the WEB browser.

The option is available for the users with the right permissions to access records using native SSH clients on Mac OS devices only.

The option takes advantage of URL Protocol Handler natively deployed on Mac OS computers that allow launching of SSH sessions initiated by the properly constructed URL.

The option further improves system adoption and usability to provide a quick way to connect to the privileged account using familiar tools.