Privileged Job Management
Xton Access Manager reduces the number of privileged accounts in the network and controls access to active privileged accounts. This enables the appropriate people or processes to perform work on critical computers and devices at a right time while maintaining the minimal possible permission levels to maximize your network security.
Continuous Discovery of Privileged Accounts
Use IP-range or AD-based strategies for network scans with a set of predefined credentials to detect privileged accounts on network devices as well as accounts with default or factory assigned passwords. Import network discovery data from other products to finalize your account detection process and then immediately bring these accounts under management.
Detection of Users with Elevated Privileges
Find local accounts with elevated privileges on network computers and take immediate action to secure them.
Periodic Password Reset
Automate periodic password reset for critical privileged accounts to reduce the number of users who have uncontrolled access with elevated privileges.
Event Based Password Reset
Automate the password reset for privileged accounts after the disclosure of secret information, after accessing a remote computer, after discovering new accounts or updating account metadata.
Password Reset on Windows or Unix Devices
Automate password reset activities for accounts on either Unix or Windows operating systems, whether standalone or domain joined, for local of domain accounts.
Elevated Script Execution
Allow users to execute a defined set of commands or scripts with elevated privileges on certain network computers and devices.
Audit & Event Logging
Fully embedded auditing for all access and usage events. Understand exactly what, when and by whom your system was accessed.
Activity Alerts & Notifications
Set up alerts and email notifications about discovery, password reset or privileged script execution activities that occur in the system.
Based on the latest web standards, it runs smoothly in all modern day browsers, including mobile and tablet devices.
Requires only server side installation. No agents are required for any operation on the server or client side.
Enhance your security by integrating with Active Directory or MFA authentication from the most popular providers like Google and Duo Security.
The application components could be installed on any modern Windows or Linux computer.
Keep encrypted application data in the embedded database or MS SQL, Oracle, MySql or PostgreSQL database.
Data in the identity vault is encrypted with AES-265 based encryption. For additionally security, the application can store the master key on a computer separate from the main application or from the application database.
The system components could be installed on multiple nodes across computers, connected through a load balancer, to ensure that failure of a node will not impact system availability.
The system components could be installed on multiple computers to increase performance. The system supports multiple WEB Front Ends, session managers and job engines to process tasks like discovery, password reset or script execution.