Command Control to Restrict Command Execution during Remote Sessions
Command Control in XTAM offers Administrators the ability to restrict commands that can executed via a whitelist or blacklist in both Windows and Unix remote sessions. In addition to the command restrictions themselves, Command Control can also place restrictions on command Arguments and what can, cannot or is required to be “piped” to commands.
The following use cases and scenarios are covered when Command Control is implemented in XTAM.
Restrict the types of commands that can be executed in both Windows and Unix based remote sessions. Forbid users from executing a shutdown command or only permit users to execute service restart commands.
Restrict command arguments and what can be piped into commands to provide further flexibility. This allows users to execute a wide range of commands while restricting their use to a limited set of arguments (allow, deny or require).
Prevent specific applications from being launched through the use of whitelist and blacklist catalogs. A common need is to prevent server jumping.
Inhibit the ability of users to view, extract or modify critical or sensitive content. Prevent your sensitive systems from (un)intentional abuse and your sensitive content from being distributed.
Please review the following FAQ articles to learn how to implement Command Control in XTAM.