Imprivata Privileged Access Management Product Update 2.3.201912012240

December 1, 2019

PAM Update: Added RDP Proxy to enable high trust access to remote Windows servers using native RDP applications

This update adds the RDP Proxy component to enable high trust access to remote Windows devices using native RDP applications.

Added RDP Proxy component to enable high trust access to remote Windows devices using native RDP applications

This update adds the option to access remote windows computers using a wide variety of native RDP clients including Microsoft Remote Desktop Client (mstsc) from Windows computers, mobile devices, phones or tablets run on different Operating Systems.

This option significantly accelerates the adoption of secure practices in the distributed networks because system administrators can continue using their traditional access techniques while relying on PAM infrastructure for controlled, managed and audited access.

At the same time, RDP Proxy architecture ensures that sensitive access credentials remain locked at the central vault and not released to the client workstations potentially located outside of the corporate network even in an encrypted form for these workstations to decrypt.

RDP Proxy feature allows high trust login to remote servers using the credentials defined on the record usually concealed from the operator.

RDP Proxy also includes audit logging about the start and end of the access, session reporting, role-based, just-in-time and temporary access, time-, location- and duration-based access requests, and password rotation after the access is completed.

RDP Proxy feature could be enabled in the latest PAM deployments using system parameter RDP Proxy and optionally specifying RDP Proxy Port.

PAM server has to be restarted after changing parameters.

To establish access to a remote server, configure a native RDP client connection using user#record-id or user#record-name as a user and an PAM user password for an PAM user with the access to establish a connection to the remote resource.

 

Read more about the RDP Proxy rationale, use cases, configuration, use and examples of the applications in secure RDP proxy sessions using your native Desktop or Mobile Applications.

PAM will continue supporting existing methods to connect to Windows servers using in-browser sessions.

PAM also supports access to remote Unix and Linux devices using both in-browser and SSH Proxy sessions established using native clients.