Xton Access Manager Product Update 2.3.202005312314
Today we released new update to the Xton Privileged Access Manager software. This update adds support for SSH Agent Forwarding, configurable restrictions for access requests, GUI for SSL cert, location tracking for requestors, mouse triggered session events, and streamlined deployment of HA and DR nodes.
Added support for SSH agent forwarding
The update adds support for SSH Agent Forwarding through high trust SSH Proxy. The option enables connecting to the destination server through one or more bastion hosts using the same set of public and private key pair managed by the system vault. The option is a good addition to MSP end point access toolkit allowing to unify access to multiple SSH-based end points in the isolated customer network through the bastion hosts in a secure zero trust way.
SSH agent forwarding option is controlled by the custom Checkbox field with name AgentForwarding, display name Agent Forwarding added to a record type of Unix Host with Key, Unix Host with Private Key or inherited record types and checked for the record to enable this option.
Added configurable restrictions for access requests
The update adds the option to restrict values for parameters submitted to request access for system actions and assets to limit users ability to submit incorrect or unreasonable requests. Maximum Requested Time and Minimum Requested Time parameters limit the requested time either entered directly or by selecting requested time range. Minimum Reason Length requires users to submit descriptive requests for approvers to take informed action.
All restrictions are optional and are available in the Workflow section of Administration / Settings / Parameters screen.
Added WEB GUI for SSL certificate management
The update adds the option to configure WEB SSL certificate using WEB GUI previously only available using command line operations on the server host computer. The option simplifies uploading, securing and applying domain specific WEB SSL certificate to replace self-signed SSL certificate generated during system deployment. Note that the uploaded certificate should be trusted by all clients in the organization (browsers, scripts, remote nodes). The SSL certificate should be generated for the host name that clients use to access the system and signed by the trusted authority.
The option is available in the SSL section of Administration / Settings / Parameters screen.
Added location tracking for requesters
The update adds the option to include IP address of the person requesting the access to the workflow approval notification for the approvers to take informed decision about request approval based on the requester whereabouts.
The option is configured using notification template place-holders: log.ip for the IP address from the audit log, request.ip and request.requestor.ip for the last IP of the workflow requester.
Added event triggered keys recording
The update support to generate RDP WEB session key-sequence event in response to mouse click, Function-Keys or Crtl-Keys actions in addition to ENTER-key. The option allows to handle session events in GUI based application such as recording entered SQL statement in the SQL Studio and executing it by pressing a button or a function key.
Added streamlined deployment of HA and DR nodes
The update the option to Linux installation script to deploy the new system with the provided master password instead of generated one to simplify deployment of High Availability or recovery nodes. The update simplifies deployment of additional or disaster recovery nodes based on the main node master key to decrypt system data. Previously the option was available in a post-installation script replacing system master password with a new one.
To activate the feature use -mp MASTER-PASSWORD option in Linux installation script replacing MASTER-PASSWORD place-holder with the master password of the main node.
Please review key features documentation and product news using the links below
- How to Harden XTAM Connectors with Strong Protocols and Ciphers
- XTAM REST API Documentation
- XTAM Password Vault Free Trial Download
- Xton Access Manager User Manual
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
- Best Practices Guide provides insights into both Concepts and Design elements for users looking to build out their PAM deployment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 2+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for step-by-step introduction to the application.
Read the product documentation including Windows and Linux installation instructions as well as Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for the instructions how to update the existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Xton Access Manager for Privileged Access Management (PAM) provides complete, control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It’s easy to install, affordable, cloud-ready and offers unlimited use and storage
Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.