BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

PowerBroker for Windows – Solution Deployment

Posted October 11, 2012    Morey Haber

PowerBroker for Windows (PBW) is designed to integrate directly into your corporate Active Directory (AD) structure without modifying your existing schema. In the asset labeled “1” below, an administrator simply loads a Group Policy Option (GPO) snap-in onto an asset that uses the Microsoft Management Console (MMC).  The administrator can then create policies and rules that are stored in the AD domain labeled “2”.  An administrator can also access the management console (Retina CS labeled “3”) via a web interface to run reports or create additional rules based on collected events from the environment.

As domain assets log on (servers, workstations, or remote clients labeled “4”) they receive policy from the domain controller that is processed by the PBWagent. This agent is installed on each device and can be distributed through a software delivery solution or even through GPO itself. This enforces privilege identity management rules on the endpoint and sends status events back to Retina CS for additional reporting, trending, and rule creation.

In a traditional deployment, your organization needs to consider deploying the following three components:

  1. PBW Agents on Servers, Desktops, and Remote Clients
  2. PBW GPO Snap-In for Rules on Administrator Workstations
  3. Retina CS Management Console for Reporting and Event Management (optional).

PBW Agents are lightweight MSI installers, under 30MB, that can be pushed down to assets using everything from logon scripts to GPO. The GPO snap-ins should only be deployed where needed for policy creation. And,Retina CS (available soon for PBW) is generally a one-time server installation (software, virtual, or appliance) for management. It can also be deployed as multiple servers in atiered architecture for enterprise clients if needed.  Below is an example of this approach.

For more information on how to take advantage of PowerBroker for Windows and Retina CS within your environment, please click here. BeyondTrust is the thought leader for integrating privilege identity management and vulnerability assessment in a single solution.

Tags:
, , , , , , , ,

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,