Xton Access Manager Product Update 2.3.202007122310
Today we released a new update to the Xton Privileged Access Manager software. This update added the option to approve or reject access requests by using shortcuts in the notification email, added support for remote applications run on the Windows RDS application host through RDP Proxy using native RDP clients, and added the option to enforce session and session event recording for assets located in personal vaults.
Added request approval shortcuts to notification emails
Added the option to approve or reject access requests by using shortcuts in the notification email. The option simplifies the approval process and encourages adoption of the just-in-time principle of privileged access, minimizing exposure and improving visibility of sensitive data access.
To inject shortcuts into the notification email template, use the email place-holders {{approve.path}} and {{reject.path}} for links leading directly to the request approval and rejection pages. The update adds these place-holders to the default notification email template. Note that these shortcut links require the approver to authenticate in the system, possibly with two-factor authentication, before the request is approved or rejected.
In addition to the shortcuts that require approver authentication, the update added the option to inject one-time, short-lived shortcut links with a uniquely generated path that allow approvers to approve or reject requests without authenticating in the system, further simplifying the approval cycle. To enable these unique anonymous approval shortcuts, use the following place-holders in the notification email template: {{anonymous.approve.path}} and {{anonymous.reject.path}}, for links leading directly to the request approval and rejection pages without requesting approver authentication.
Added Remote Applications support to RDP Proxy
Remote application technology enables high-trust login with session recording to Windows desktop applications run on dedicated Windows RDS infrastructure. Using this technology, the XTAM server, on behalf of a user, opens a regular RDP session to the Windows RDS server, launches a desktop application (such as Internet Explorer or Chrome browser, MS SQL Studio, SAP or Cisco client or any other application), populates the user credentials to log in to the application and only then transfers control of the session to the user.
Remote application technology has long been available for WEB RDP sessions established using client-side browsers. This update brings the same functionality to sessions established using native RDP clients (mstsc, mRemoteNG, TS+, etc.) that send RDP traffic through RDP Proxy. RDP Proxy uses the same configuration in the Vault that WEB Sessions use. The option facilitates adoption of zero-trust, just-in-time access following the principle of least privilege by allowing end users to keep the familiar RDP client experience when accessing shared privileged applications.
Read more about applications and configuration of Remote App technology using the XTAM Remote Apps Getting Started Guide link below. Existing users of the Remote Application technology should update the RDS host with the application launcher downloaded from the following link: https://bin.xtontech.com/product/XtAutoShell.exe
Added recording enforcement for Personal Vaults
The update added the option to require session and session event recording for all assets created in users' personal vaults. The option enables tight control over devices in isolated data centers, air-gapped networks or Virtual Private Clouds, even for users who use personal accounts with privileged access.
The option is controlled by two global parameters located in the Administration / Settings / Parameters / Sessions category: Personal Vault Session Recording and Personal Vault Event Recordings. When set to Enforced, these parameters override the default record permission scheme to enforce session or session event recording respectively.
Added the option to terminate disconnected RDP sessions
Sometimes users close a remote RDP session without a proper logoff, leaving an open disconnected session on the remote computer waiting to time out. This update added the Windows Logoff Disconnected Sessions script, which can be used in an After Session event trigger to forcefully log off disconnected inactive sessions from Windows computers. The script assumes PowerShell access to the remote endpoint with the right to terminate sessions. The script can be scheduled to run using a shadow account with administrator privileges. The option helps maintain data security on the remote servers by minimizing the time RDP sessions stay open.
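A sketch of what such a cleanup involves, as an added example and not the script shipped with XTAM: it parses `quser` output for disconnected sessions and logs them off with `logoff`. The function names, the idle threshold and the sample rows are hypothetical, and English `quser` output is assumed.

```powershell
# Added example, not the XTAM-supplied script. Function names are hypothetical.
# Assumes English quser output and rights to log off sessions on the target.
function ConvertTo-IdleMinutes {
    param([string]$Idle)
    # quser idle formats: 'none' or '.', minutes 'M', 'H:MM', or 'D+H:MM'
    if ($Idle -match '^(?:(?<d>\d+)\+)?(?<h>\d+):(?<m>\d+)$') {
        return ([int]$Matches['d'] * 1440 + [int]$Matches['h'] * 60 + [int]$Matches['m'])
    }
    if ($Idle -match '^\d+$') { return [int]$Idle } else { return 0 }
}
function Get-DisconnectedSession {
    param([string[]]$QuserOutput)
    # Disconnected rows have an empty SESSIONNAME column, so ID follows USERNAME.
    $pattern = '^[ >](?<user>\S+)\s+(?<id>\d+)\s+Disc\s+(?<idle>\S+)\s+'
    foreach ($line in $QuserOutput) {
        if ($line -match $pattern) {
            $m = $Matches   # keep this row's captures before the next -match
            [pscustomobject]@{
                User        = $m['user']
                Id          = [int]$m['id']
                IdleMinutes = ConvertTo-IdleMinutes $m['idle']
            }
        }
    }
}
function Remove-DisconnectedSession {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [int]$MinIdleMinutes = 15,        # constructed default
        [string[]]$ExcludeUser = @()      # accounts that must never be logged off
    )
    $raw = @(quser "/server:$ComputerName" 2>$null)
    Get-DisconnectedSession -QuserOutput $raw |
        Where-Object { $_.IdleMinutes -ge $MinIdleMinutes -and $_.User -notin $ExcludeUser } |
        ForEach-Object {
            if ($PSCmdlet.ShouldProcess("$ComputerName session $($_.Id) ($($_.User))", 'logoff')) {
                logoff $_.Id "/server:$ComputerName"
            }
        }
}
# Constructed sample rows (not captured from a real host) to exercise the parser.
$sample = @(
    ' USERNAME      SESSIONNAME   ID  STATE   IDLE TIME  LOGON TIME'
    '>administrator console        1  Active      none   7/12/2020 9:01 AM'
    ' jsmith                       2  Disc        1:23   7/12/2020 8:15 AM'
)
Get-DisconnectedSession -QuserOutput $sample
```

Running `Remove-DisconnectedSession` with `-WhatIf` lists the sessions it would log off without ending them.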
https://www.xtontech.com/resources/xton-access-manager-release-notes/
Please review key features documentation and product news using the links below
- XTAM Gateway
- XTAM API Python Example
- XTAM Remote Apps Getting Started Guide
- XTAM REST API Documentation
- XTAM Password Vault Free Trial Download
- Xton Access Manager User Manual
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
- Best Practices Guide provides insights into both Concepts and Design elements for users looking to build out their PAM deployment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 2+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for a step-by-step introduction to the application.
Read the product documentation, including Windows and Linux installation instructions as well as the Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for instructions on how to update an existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team