Administrator Access Control Module

 


GateKeeper™ Administrator Access Control provides granular, role-based access control, containment, command filtering, monitoring and session recording.

Using unique, patent-pending technologies, GateKeeper controls and contains the access of network administrators, trusted insiders, third parties and other privileged users. It monitors access and records privileged user sessions, alerts on policy violations, and provides DVR-like session playback. The GateKeeper module runs on the Xsuite platform.

Certified to Common Criteria EAL4+ and FIPS 140-2 Level 2, Xceedium's GateKeeper is the only administrator access control solution approved for government use.

Administrator Access Control Benefits:

  • Centralize and enforce administrator access control policies through a single unified system
  • Implement Deny All Permit by Exception (DAPE) and least privilege access controls
  • Enhance security by fully attributing the use of shared administrator accounts to a specific, authenticated user. Know exactly who is using root and other administrative accounts
  • Create precise administrator access control policies with granular definition and enforcement at the group or individual level
  • Contain administrators to authorized systems, devices and commands
  • Monitor access and receive real-time alerts for violations
  • Analyze usage with comprehensive reporting, complete keystroke logging, full session recording and DVR-like playback with the ability to skip directly to alert tags
  • Simplify auditing; prove compliance with regulatory initiatives and standards including PCI DSS, FISMA, NERC CIP, HIPAA and more
  • Easy to install, configure and manage over time; low total cost of ownership

GateKeeper™ Administrator Access Control Features:

Centralized Administrator Access Control & User Authentication

  • Individualized portal provides network administrators, security staff and trusted third parties with secure, single-sign-on access to authorized systems and devices
  • Support for access to systems via text-based command line and graphical RDP or VNC sessions
  • Supports both local and remote access controls
  • Granular security policy creation and enforcement based on roles or group membership, integrated with existing directory and identity-management infrastructure
  • Logical segmentation of your network structure, without the need for expensive new gear or time-consuming changes to routers, switches and other network infrastructure
  • The GateKeeper Administrator Access Control module is the most highly certified product of its kind

Compartmentalization

  • Secure port forwarding access methodology provides compartmentalization at the port level
  • Command-level filters limit command usage, placing sensitive commands completely off limits to administrators or allowing restricted access to selected users as needed
  • Visibility of IT infrastructure is limited to only those areas administrators are authorized to see and access
  • Authorized applications are isolated and protected from unauthorized access

Containment

  • Leapfrog prevention keeps users from moving between their authorized systems and other secure areas within your IT infrastructure
  • Blocking unauthorized activity combined with real-time alerts enables customers to immediately respond to access violations and suspicious activity

Comprehensive Access Monitoring and Reporting

  • Provides an end-to-end view of all activity, in a central location, at the source IP address level
  • User activity is tracked and logged, including the date and time the user logged into a specific device, the access method employed and the duration of the session
  • Full audit capabilities, including keystroke logging and session recording, with DVR-like playback and tagging of actions taken
  • Unauthorized actions can be prevented, users can be warned, sessions can be terminated, and individual user accounts can be suspended pending re-authorization
  • Support for thousands of simultaneous sessions with full recording on a single appliance

 
