Privileged Account Management
With Xton Access Manager, we ensure all access (passwords, keys, certificates, documents and more) to privileged accounts are kept safe, secure and out of the reach of threats, both internal and external. With strong password requirements, auto-resets and “no password access” built into its core, rest easy that you are taking the appropriate steps to enforce IT security.
Account security the way it should be, simple.
Secure Secret & Folder Sharing
Share or grant (and revoke) secure access to colleagues or partners on an as-needed basis including the ability to provide access to remote systems without disclosing passwords, certificates or keys.
Approval Workflows for Privileged Systems & Secrets
Configure and implement approval workflows (also known as Dual Control, Four-Eyes or Peer Approval) to your privileged records to enable additional security.
Audit & Event Logging
Fully embedded auditing for all access and usage events. Understand exactly what, when and by whom your records or secrets were created, accessed, modified or deleted. Integration with 3rd party SIEM systems using the syslog protocol.
Activity Alerts & Notifications
Never be left in the dark again. Setup alerts and notifications to be aware when users are sharing, using or modifying your records.
Organize for Quick & Easy Access
Organize records based on logical folders for easier access to find and share. Create “Favorites” for quick and frequent access to your most used records. Import your existing Remote Desktop Manager or PuTTY configuration to get started with minimal effort.
Standard & Custom Record Types
Create your records using a variety of included, standard Record Types or create your own types to customize the need.
Record Change History
All changes made to records are captured to ensure appropriate tracking, change control procedures and compliance with regulations.
Locked Fields ensure your Secrets are Secure
Through granular permissions, secret fields can be locked and only those granted permissions will ever be able to unlock them and reveal their contents. Those users lacking the unlock permission may still be able to use the secret to establish secure sessions or execute privileged jobs and tasks.
Iron Clad Security
A fully secure AES-256 encrypted Identity Vault maintains total control over all your accounts, secrets and records. A provided master password ensures a “break glass” operation can be performed in an emergency. Your sleep just became a lot more peaceful.
Based on the latest web standards, it runs smoothly in all modern day browsers, including mobile and tablet devices.
Requires only server side installation. No agents are required for any operation on the server or client side.
Enhance your security by integrating with Active Directory or MFA authentication from the most popular providers like Google and Duo Security.
The application components could be installed on any modern Windows or Linux computer.
Keep encrypted application data in the embedded database or MS SQL, Oracle, MySql or PostgreSQL database.
Data in the identity vault is encrypted with AES-265 based encryption. For additionally security, the application can store the master key on a computer separate from the main application or from the application database.
The system components could be installed on multiple nodes across computers, connected through a load balancer, to ensure that failure of a node will not impact system availability.
The system components could be installed on multiple computers to increase performance. The system supports multiple WEB Front Ends, session managers and job engines to process tasks like discovery, password reset or script execution.