Products for the granular management of administrative privileges and the achievement of a complete separation of roles


Power Broker Windows ®

The fastest, simplest and most efficient way to follow the principle of the least privilege both on servers and on Windows desktops

products-pbws
Power Broker Windows is the solution that enables an administrative delegation to be defined through centralized policies on Active Directory (GPO), so that a normal user can run applications by impersonating the administrative account. The most striking difference, compared to the native Windows functionalities, is the possibility to define in a granular way what the user can or cannot do when impersonating the administrative user. Another relevant element is that throughout the entire process, the user does not need to know the administrative password, which can be kept in a secure place such as Power Broker Password Safe.
On the other hand, in the case of workstations, the solution allows the rights of local administrators to be denied to the users and use the administrative delegation solely for the activities that are needed to guarantee the user’s normal working activity. A functionality for tracing sessions is also available when the delegation is in use.


Power Broker Unix & Linux ®

The most flexible way to delegate the administrative rights, through centralized policies, for Unix & Linux systems

products-pbx
Power Broker Unix & Linux allows an administrative delegation to be defined through centralized policies on a dedicated server, so that a normal user can run commands/tasks impersonating the privileged user. The most striking difference compared to the native functionalities of Unix/Linux systems is the possibility to define in a granular way, what the user can or cannot do when impersonating the privileged account. Another relevant element is that throughout the entire process, the user does not need to know the administrative password, which can be kept in a secure place such as Power Broker Password Safe. A functionality for tracing sessions is also available when the delegation is in use.


Power Broker Mac ®

The fastest, simplest and most efficient way to follow the principle of the least privilege both on servers and on Macintosh desktops

products-pbws
Power Broker Mac is the solution that enables an administrative delegation to be defined through centralized policies on BeyondInsight, so that a normal user can run applications by impersonating the administrative account. The most striking difference, compared to the native Macintosh functionalities, is the possibility to define in a granular way what the user can or cannot do when impersonating the administrative user. Another relevant element is that throughout the entire process, the user does not need to know the administrative password, which can be kept in a secure place such as Power Broker Password Safe.
On the other hand, in the case of workstations, the solution allows the rights of local administrators to be denied to the users and use the administrative delegation solely for the activities that are needed to guarantee the user’s normal working activity. A functionality for tracing sessions is also available when the delegation is in use.


Power Broker Virtualization ®

Protects virtual assets, both in the datacenter and in the cloud , from attacks and abuse made possible due to an excess of privileges

products-pbx
Power Broker Virtualization is the tool that enables an administrative delegation to be defined through centralized policies on a dedicated server, so that a normal user can run commands/tasks impersonating the privileged account on the VMWare hypervisor. The most striking difference, compared to the native VMWare functionalities, is the possibility to define in a granular way what the user can or cannot do when impersonating the privileged user. Another relevant element is that throughout the entire process, the user does not need to know the administrative password, which can be kept in a secure place such as Power Broker Password Safe. It is also available the sessions tracing functionality for when the delegation is in use.