Leading industry analyst firm KuppingerCole has published an independent, third-party, expert review of BeyondTrust’s PowerBroker for Unix & Linux. In the eight-page report, the firm recommends that “modern tools for Privilege Management must support a variety of requirements, from protecting the passwords of shared accounts, rotating the passwords of service and system accounts, to session monitoring and behavioural analytics.” And yet, it warns readers that mature Privilege Management solutions should go much further than simple password generation and access control to individual systems, to also provide a “unified, robust, and – importantly – transparent Privilege Management platform” that is integrated into the organisation’s overall Identity and Access Management (IAM) strategy.
The firm also acknowledges that Unix and Linux servers, and the privileged accounts within, are a favoured target for malicious insiders and external attackers. In the comprehensive product review conducted by none-other than Martin Kuppinger, founder and principal analyst at the firm, the author attests “(Unix and Linux) servers are common targets for attackers, both malicious insiders and external attackers. PowerBroker for Unix & Linux provides in-depth protection for privileged accounts on these platforms.”
Unix and Linux systems present high-value targets for external attackers and malicious insiders alike. This much is known: you should expect to be breached if you share accounts, provide unfettered root access, or let files and sessions go unmonitored. Gaining root or other privileged credentials makes it easy for attackers to fly under the radar and access sensitive systems and data; the risk only increases as attack surfaces expand, perimeters vanish, attackers get smarter, and compliance pressures mount. For sure it’s a difficult balance to strike – eliminating root account sharing, limiting who has access to root privileges, and monitoring sessions – all without hindering administrator productivity.
Taking into consideration Unix/Linux security risks and sudo’s limitations, KuppingerCole’s report reviews PowerBroker’s core capabilities and strengths, including:
- Strong capabilities for managing privileged access to Unix and Linux systems
- Excellent support for a broad variety of Linux and Unix flavours
- Strong logging, auditing, and analytics capabilities
- Good integration across product portfolio
- Deep integration into target platforms due to their host-centric approach
In the conclusion, the independent review confirms that BeyonTrust’s PowerBroker for Unix & Linux “definitely counts amongst the leading-edge products in this market segment, being mature, feature-rich, and with new innovations being regularly deployed.”